Kali Linux
Kali Linux is mainly used to initiate advanced-level Security Auditing and Penetration Testing. The OS comprises numerous tools responsible for carrying out tasks like information security, security research, penetration testing, reverse engineering, and computer forensics.
Pentest Tools
A pen test, is a simulated cyber attack against your computer system to check for exploitable vulnerabilities. Several tools listed below are useful for penetration testing.
Rapid7's on-premise vulnerability management solution, Nexpose, helps you reduce your threat exposure by enabling you to assess and respond to changes in your environment real time and prioritizing risk across vulnerabilities, configurations, and controls.
Nessus is a remote security scanning tool, which scans a computer and raises an alert if it discovers any vulnerabilities that malicious hackers could use to gain access to any computer you have connected to a network. Most important password vulnerabilities and DDOS attack.
OpenVAS is the scanner component of Greenbone Vulnerability Management (GVM). A vulnerability scanner that checks visible ports, services it can access for known exploits, and high level web threats (like cross-site script vulnerabilities and improper file access).
A cloud-based solution that detects vulnerabilities on all assets, including servers, network devices (e.g. routers, switches, firewalls, etc.), peripherals (such as IP-based printers or fax machines) and workstations. Qualys can assess any device that has an IP address.
Burp Suite is an integrated platform and graphical tool for performing security testing of web applications, it supports the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities.
Nmap is used to discover hosts and services on a computer network by sending packets and analyzing the responses. Nmap provides a number of features for probing computer networks, including host discovery and service and operating system detection.