February 03, 2014
Starting at $203 for a one-IP license.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Virtual machine makes deployment easy, high-gain antenna for Wi-Fi cracking.
- Weaknesses: Can be expensive.
- Verdict: This tool keeps getting better and better. If you can afford the cost, this one may be for you.
A couple of years ago, we saw the Penetrator from SecPoint in its first iteration. Back then it came as a small Dell computer running some form of Linux loaded with a bunch of vulnerability scanning and penetration features. We found it was a great product in concept, but it needed a lot of polish to compete amongst the high-end penetration testing tools. With this new version, we have started to see that polish and this product is looking pretty good. First and foremost, SecPoint has ditched the clunky hardware in favor of a virtual machine that can be run in VMware or Microsoft Hyper-V. Second, the company has added a large, high-gain Wi-Fi antenna for wireless penetration testing. More on all that later.
As for setup, we found the process to be much more smooth than in the previous version. The virtual machine comes loaded on a DVD packed into a two-part zip file. Depending on deployment needs, once unzipped, the virtual machine can be easily loaded using VMware Player, VMware Workstation, VMware vSphere or Microsoft Hyper-V. We chose to simply run the virtual machine in VMware Player on one of our Windows 7 lab machines. It took us no time at all to get the virtual machine up and running, and once it was booted we were greeted with a cleanly displayed setup desktop that had all the tools and components of the Penetrator ready to go.
We found this product to be quite easy to use overall and to have a comprehensive feature set. The scanning engine includes several pre-defined scanning options, such as a normal scan, extended scan or firewall scan among others, and reports can be easily exported in several formats, including PDF and XML. On top of the network scanning capability, the Penetrator comes ready for Wi-Fi encryption cracking and key recovery. Supplied with the software is a high-gain Wi-Fi antenna that can be easily connected to the virtual machine for integration into the Wi-Fi scanning and cracking application. This can be used against WEP, WPA, WPA2 and WPS encryption modes.
Documentation for this solution included an installation guide, full user manual and a few other pieces of supplemental documentation for the Wi-Fi components. The installation guide provided an excellent amount of detail on how to deploy the virtual machine and get the Penetrator up and running, and the user manual provides complete in-depth configuration and feature usage information. We found all documentation to be well-organized and easy to follow with clear, step-by-step instructions, screen shots and configuration examples.
SecPoint offers 24/7 email- and web-based live chat support as part of the product price. Customers also have access to a small assistance area on the website, which includes product documentation downloads, a knowledge base, user forum and training videos.
At a price starting at just over $200 for a single IP license, this product comes with quite the price tag. However, we find the SecPoint Penetrator to be an overall good value for the money based on its ease of use and flexible deployment options on top of a well-rounded feature set. Despite the cost, this is a solid product.
Sign up to our newsletters
SC Magazine Articles
- CTB-Locker ransomware variant being distributed in spam campaign
- 'Sexy Girls' wallpaper app in Google Play store accessed account info
- Proposed CFAA revisions agitate IT security community
- New attack uses ransomware to drop trojans and keyloggers
- Zeus variant targeting Canadian banks, U.S. banks may also be a target
- Report: From Q3 to Q4, 90 percent increase in global DDoS attacks observed
- Researchers observe databases being encrypted, websites held for ransom
- ZeroAccess botnet reactivates, click fraud activity resumes
- BCBS of Tennessee shares personal data on 80K in marketing campaign
- Tips for organizations in the wake of the biggest corporate hack in history