The INSIDE Cyber Security Division uses the attack tools most commonly used in the market or those developed by the Security Advisory Team, included in the categories listed below:
- Vulnerability Scanning (nessus, nexpose, openvas, etc.)
- Network Scanning (nmap, unicornscan, singsing, arp-scan, ike-scan, p0f, etc.)
- Web Testing (burp suite, zed attack proxy, w3af, skipfish, nikto, etc.)
- Wireless Testing (aircrack-ng, kismet, karmetasploit, etc.)
- Phone Testing (minicom, warvox, ward, thc-scan, etc.)
- Packet Forging (hping, scapy, voiphopper, yersinia, isic, netcat, etc.)
- Network Sniffing (wireshark, cain & abel, ettercap, etc.)
- Password Cracking (john, rcrack, fgdump, thc-hydra, medusa, etc.)
- Exploitation (metasploit framework, exploit-db, private exploits, etc.)
Zero-day exploits, computer attacks that are particularly harmful to the integrity of a website and the proper functioning of an internet node, may also be used, but only at the Client’s explicit request.
Only proprietary hardware and software is used, and at the conclusion of each project a sanitisation procedure is carried out to delete any data remaining from the operation.