InfoGraphic – Your PenTest Tools Arsenal

In 2014 we started “Your PenTest Tools Arsenal – Survey”. Its purpose was to have a better picture over the tools that security professionals uses in their day by day activities, to help others choose their tools or test new ones. Though there are hundreds and hundreds of information security tools and each month we see tens of other that appear, most of responders was focused on a few well established tools. Bellow you have the answers of 871 security professionals that choose to fill in the survey.


The survey is not intended to show the best tools out there but to picture what most security professionals uses. Every security professional have his/her own strategy, tactics and habits when perform penetration testing. The survey can be also very helpful for companies and organizations that build pentest tools to their marketing department to find out infosec’s community opinion and tools usage and improve their marketing strategy.

We already launched “Your Pentest Tools Arsenal 2015 – V2” Survey. In case you want to be part of 2015 Pentest Tool Arsenal Survey, just hit “Take Survey 2015”

About: CTF365 is a top notch Security Training Platform for the IT industry with a focus on Security Professionals, System Administrators and Web Developers that offers five stars services.

The Platform implements CTF concepts and leverages gamification mechanics to improve retention rates and speed up the learning/training curve.



Summary Response:

Marius Corici

Lazy (energy efficient) entrepreneur: Thinking a lot to do less, preserving energy, providing simplicity.

You may also like...

15 Responses

  1. Anon says:

    Are there really any surprises here at all?
    Also burb suite? Did the person putting this together have any clue at all?

  2. John says:

    Awesome infographic, really enjoyed it.

  3. Cykhet says:

    I was surprised to not see Nexpose mentioned / listed.

  4. Zoshi says:

    Wow..EXACTLY what I was looking for…

  5. john says:

    The word ‘relevant’ near the bottom is also misspelled.

  6. Ramon says:

    Very useful Inforgraphic,covering all pentest tools in a nutshell. Thanks for the post. sharing it. =>

  7. Paritosh Dixit says:

    I believe protocol fuzzing tools are missing.

    These fuzzing tools are used to test robustness of TCP/IP suite as well as industrial controls systems (ICS) protocols, such as DNP3 and Modbus. These protocols are considered insecure-by-design, and are extensively used in communication systems of critical infrastructure such as power grid.

    If s protocol stack is not robust, a simple protocol fuzz attack can cause memory leaks, infinite loops and eventual crash of networking-facing applications.

    Few example tools:
    1. Achilles Test Platform from Wurldtech
    2. Spirent Security Studio
    3. CodeNomicon Defensics

  1. July 23, 2015

    […] Every security professional have his/her own strategy, tactics and habits when perform penetration testing.  […]

  2. July 28, 2015

    […] Tools Arsenal” survey. We’ve placed the results in an infographic that can be seen HERE. Now we’re running “Your Pentest Tools Arsenal – v.2.0″ – 2015 […]

  3. May 4, 2016

    […] yılıda başlatığı “Your PenTest Tools Arsenal – Survey” adı altında yapılan, penetrasyon testleri alanında güvenlik uzmanları ile birlikte, […]

Leave a Reply

Your email address will not be published. Required fields are marked *