Zenmap is the official Nmap Security Scanner software. It is a multi-platform free and open source application. It is easy to use for beginners but also offers advanced features for experienced users.
Features:
The other tools that might be useful for penetration testing are
Features:
- Interactive and graphical results viewing
- It summarizes details about a single host or a complete scan in a convenient display.
- It can even draw a topology map of discovered networks.
- It can show the differences between two scans.
- It allows administrators to track new hosts or services appearing on their networks. Or track existing services that go down
The other tools that might be useful for penetration testing are
- Acunetix: It is a web vulnerability scanner targeted at web applications. It is expensive tool compare to others and provides facility like cross site scripting testing, PCI compliance reports, SQL injection, etc.
- Retina: It is more like a vulnerability management tools than a pre-testing tool
- Nessus: It concentrates in compliance checks, sensitive data searches, IPs scan, website scanning, etc.
- Netsparker: This tool comes with a robust web application scanner that identifies vulnerabilities and suggest solutions. There are free limited trials available but most of the time it is a commercial product. It also helps to exploit SQL injection and LFI (Local File Induction)
- CORE Impact: This software can be used for mobile device penetration, password identification and cracking, network devise penetration etc. It is one of the expensive tools in software testing
- Burpsuite: Like other this software is also a commercial product. It works on by intercepting proxy, web application scanning, crawling content and functionality etc. The advantage of using Burpsuite is that you can use this on windows, Linux and Mac OS X environment.