Penetration Testing – How to do it yourself – the easy way

There is a lot of mystery (& expense) around the subject of Penetration Testing. I recently had a need & dove in to try & figure it out.

As it turns out, you really can do this yourself if you have slightly above-average computering skills & are comfortable installing software. Although at first I was doubtful and the free version was frustrating to try & use while learning.

The short version of the story is you need Virtual Box, Kali Linux, & Metasploit Pro. VB & Kali are free, and Metasploit is open source, but the Pro version has a free time-limited trial (then $2,000/yr). Be sure to obtain these software only from the original sources, definitely not from scammy download sites. It is fantastic that these things are free downloads & open source. No reason to take stupid risks by downloading from anywhere but the real source.

I used Mac, but VB runs on all major OSes, so use whatever OS you like. If you like Linux, probably still want to use VB, due to the way Kali Linux is tweaked for security, or more accurately tweaked for lower security than you’d want for a daily OS, otherwise; Install VirtualBox normally, then install Kali Linux into VB, then install Metasploit into Kali. It is all pretty easy, even if a bit slow. Kali includes a bunch of intriguing tools, but at the moment try to stay focused on Metasploit.

When you open up Metasploit, they will offer you a free trial of the Pro version. Take it. Unless you are a super-skilled penetration testing pro, you need the pro version because it automates things so well that even a newbie can do an great pen test. At least that is how it looks to me. Without the pro version a lot of the buttons do not work (they require pro). Once you have the pro version (they email you a license code number) enter your IP number range to scan and push the button for a pen test. Let it run until finished, could be 30 minutes, or overnight, depending. You have IIRC 2 weeks to fully use that pro version before it expires & costs money. You’ll probably want to scan your network from inside the LAN, and also outside from the internet. Don’t forget to generate a PDF report! There are several choices, I found the “Audit” report to be useful & acceptable for what I needed.

If your situation requires 3rd party certification, you won’t be allowed to certify it yourself, in which case I would try or Qualys Free Scan. I’ve used both of those for Vulnerability testing, and they are good at that, so I expect they would also be good at pen testing. SecurityMetrics was competitively priced last year when I checked around. I still use them for quarterly vulnerability scans. Qualys offers a free occasional vulnerability scan, and the results are different, so depending on your motivations, you might try both.

You might also want to run your own pen tests before hiring anyone else, so you can get your ducks in a row beforehand.

Leave a Reply

Your email address will not be published. Required fields are marked *