Penetration Testing For Dummies
Book image
Explore Book Buy On Amazon
As an IT professional, it doesn’t matter how much you know about penetration testing today — there is always more to learn! What you know today could become outdated as technology evolves and morphs into new innovations. With that said, here is a list of penetration testing websites and resources that will be extremely helpful to you as a security professional.

If any of the websites are no longer assessible at any time, do your own online searches for keywords such as pen testing, penetration testing, and security hacking. Also make sure to fact check any data not coming from a reputable site. The sites listed here are generally reputable, but you should still consider researching things before you implement them regardless.

One of the best sources of information you can use for your studies is in the help files of your software. If you use the knowledge bases that come with the tool and online at the vendor’s website, you will learn how to better use the tools and help to reinforce some of the topics learn about penetration testing along the way.

SANS Institute leads to the SANS Institute where since 1989 the site has been filled with a large amount of useful security information that is freely accessible to all. This online resource is easily searchable from the home page and within it contains many resources a pen tester can use, including the SANS Information Security Reading Room that hosts approximately 3,000 original research papers in 110 important categories of security.

You can sign up for weekly bulletins, alerts, newsletters, risk alerts, and other email items that can keep you abreast of threats. You can also access the Internet Storm Center, which is an early warning system for threats.

There are many other resources available such as templates, vendor product information, information on open and closed source software, and so much more.

Another point of interest on the SANS website is the connection to their focused areas on pen testing.

pen testing

If you’re looking to make pen testing a career, being connected to this community and digging deep into their online resources can help made a value add to your education and knowledge.

GIAC certifications

Another point of interest on the SANS website is the connection to their certification arm of SANS, which is called Global Information Assurance Certification (GIAC). It's focused on different areas of security, such as incident response and handling, forensic, and of course pen testing. When you’re ready, you can obtain GIAC Penetration Tester certification (GPEN).

Aside from being an industry standard exam that tests your ability to conduct a pen test, the GIAC website also has a wealth of information about pen testing. You’ll need to pay for the exam and the study materials that come with it. There are other tests available such as CompTIA’s Pentest+ and others, but the benefit to getting GPEN certified is that you get to connect to a community of expert pen testers as well as getting certified and educated.

GIAC GPEN certification The GIAC GPEN certification

Software Engineering Institute

Carnegie Mellon University (CMU) has long been a source of amazing security information. You’ll find information about risk assessments, pen testing, forensics, and security-based incident handling. The CMU site has a CERT landing page that hosts publications and other scholarly works about cybersecurity:

CERT partners with industry experts (from areas such as technology industry, law, government, and academia) to provide advanced studies and research on relevant topics.

Legal penetration sites

Legal penetration sites are variously hosted by groups that provide a realistic way for ethical hackers to learn real hacking skills on networks and systems that have been left in a semi-hardened state. If you run a search on Google for “legal penetration sites,” you will pull up reputable sources to find these sites.

Cisco has information in their help forums as well as security magazines (another great resource) and other sites that host these penetration test hubs where you can hone your skills.

If you can’t afford to set up your own lab environment for testing purposes, then seeking outside resources such as this can really help develop your skills.

Open Web Application Security Project

The Open Web Application Security Project (OWASP) was established in 2001 and is currently a not-for-profit organization that works on the foundation of group collaboration. OWASP is a group that boasts open source and does so with no affiliation of any kind. Their focus is on web application hacking and the security of applications, software, web apps and programs.

The frameworks, information, and resources provided help to guide a pen tester into areas of risk and vulnerabilities surrounding applications such as hacking APIs.

This site can really help you better understand more in-depth details about programing and software hacking, and what you should seek to penetrate and exploit these systems as an ethical hacker. The following image shows the top ten application security risks at the any time.

OWASP pen testing The top ten application risks on the Open Web Application Security Project


Tenable makes Nessus, and you can visit the website for more information on vulnerability scanning, pen testing, and risk assessments. One of the greatest things you can find on the Tenable website is a series of tools and information primarily focused on pen testing. In their research papers are details on how to become a better pen tester:

The image below shows the Tenable website, where you can download Nessus for trial use, or purchase a license for permanent use.

download Nessus forpen testing Downloading Nessus


Nmap is undeniably one of the hottest and most used tools for pen testing outside of Nessus and Metasploit. Contained in Kali, Nmap is a tool that can really do it all. On the website you will find advanced usage of the tool to include subverting firewalls, spoofing scans, getting around IDS, automation and scripting of the tool, and so much more.


Wireshark is one of the de facto tools in your toolkit and a primary source of information for troubleshooting networks, information gathering, or pen testing.

Within the main website you will find tons of detailed information on how to use this tool. As well, the forums where engineers talk about issues and things they find are loaded with literally thousands of pieces of valuable information that will help you learn more about networking, TCP/IP, the Internet, and how packets and frames traverse a network.

Need to learn more about ports, channels, communication, sockets, protocols, packets, headers, and so on? This is the site you need to go to learn more about these details.

Dark Reading

In today’s pen testing world, one of the go-to sites for security professionals is Dark Reading. Dark Reading helps provide information not only on old but breaking news stories geared towards an online community of security gurus and professionals looking for more information about topics like pen testing.

You’ll find newsletters and feeds and the sections on Attacks and Breaches can help you emulate scenarios in your pen testing, stay on top of trends, and conduct ethical hacks to test your security posture.

Offensive Security

From the distributors of Kali, Offensive Security is a company that specializes in doing penetration testing. Offensive Security offers penetration testing services as a service, and they provide a certification as well.

On this site, you can learn more about pen testing from the experts who do it day in and day out. You’ll find sample checklists, tools, reports, and a lot of the things you might want to emulate in your own pen tests.

pen testing Kali Gain access to Kali.

About This Article

This article is from the book:

About the book author:

Robert Shimonski is an ethical hacker and a professional IT leader who has led numerous efforts to architect, design, strategize and implement enterprise solutions that must remain secure. Rob has been involved in security and technology operations for over 25 years and has written his books from the trenches of experience.

This article can be found in the category: