February 03, 2014
Starting at $203 for a one-IP license.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Virtual machine makes deployment easy, high-gain antenna for Wi-Fi cracking.
- Weaknesses: Can be expensive.
- Verdict: This tool keeps getting better and better. If you can afford the cost, this one may be for you.
A couple of years ago, we saw the Penetrator from SecPoint in its first iteration. Back then it came as a small Dell computer running some form of Linux loaded with a bunch of vulnerability scanning and penetration features. We found it was a great product in concept, but it needed a lot of polish to compete amongst the high-end penetration testing tools. With this new version, we have started to see that polish and this product is looking pretty good. First and foremost, SecPoint has ditched the clunky hardware in favor of a virtual machine that can be run in VMware or Microsoft Hyper-V. Second, the company has added a large, high-gain Wi-Fi antenna for wireless penetration testing. More on all that later.
As for setup, we found the process to be much more smooth than in the previous version. The virtual machine comes loaded on a DVD packed into a two-part zip file. Depending on deployment needs, once unzipped, the virtual machine can be easily loaded using VMware Player, VMware Workstation, VMware vSphere or Microsoft Hyper-V. We chose to simply run the virtual machine in VMware Player on one of our Windows 7 lab machines. It took us no time at all to get the virtual machine up and running, and once it was booted we were greeted with a cleanly displayed setup desktop that had all the tools and components of the Penetrator ready to go.
We found this product to be quite easy to use overall and to have a comprehensive feature set. The scanning engine includes several pre-defined scanning options, such as a normal scan, extended scan or firewall scan among others, and reports can be easily exported in several formats, including PDF and XML. On top of the network scanning capability, the Penetrator comes ready for Wi-Fi encryption cracking and key recovery. Supplied with the software is a high-gain Wi-Fi antenna that can be easily connected to the virtual machine for integration into the Wi-Fi scanning and cracking application. This can be used against WEP, WPA, WPA2 and WPS encryption modes.
Documentation for this solution included an installation guide, full user manual and a few other pieces of supplemental documentation for the Wi-Fi components. The installation guide provided an excellent amount of detail on how to deploy the virtual machine and get the Penetrator up and running, and the user manual provides complete in-depth configuration and feature usage information. We found all documentation to be well-organized and easy to follow with clear, step-by-step instructions, screen shots and configuration examples.
SecPoint offers 24/7 email- and web-based live chat support as part of the product price. Customers also have access to a small assistance area on the website, which includes product documentation downloads, a knowledge base, user forum and training videos.
At a price starting at just over $200 for a single IP license, this product comes with quite the price tag. However, we find the SecPoint Penetrator to be an overall good value for the money based on its ease of use and flexible deployment options on top of a well-rounded feature set. Despite the cost, this is a solid product.
SC Magazine Articles
- Was Spotify breached? Account info shows up on Pastebin
- Report: Ransomware feeds off poor endpoint security
- Researcher finds backdoor that accessed Facebook employee passwords
- Over 7M Minecraft mobile credentials exposed after Lifeboat data breach
- DōTERRA breach exposes customer info; including SS, DOB, and addresses
- UPDATE: Petya ransomware leverages Dropbox and overwrites hard drives
- Federal court bucks trend, rules general liability insurance covers data breach
- The anatomy of a spearphishing scam, or how to steal $100M with a fake email
- FBI investigating attack against computer networks at U.S. law firms
- First Choice Credit Union files class-action suit against Wendy's over breach
- Top NFL prospect Tunsil free falls in draft after apparent hacker posts damaging video, texts
- Researchers spot Android Infostealer disguised as Chrome update
- Researchers spot mobile malware competition on the black market
- Judge ruled go ahead for claims of phone hacking against UK tabloid