These days, software vulnerabilities are announced to the public before vendors have a chance to provide a patch to customers. Therefore, it has become important, if not absolutely necessary, for an organization to routinely assess its network to measure its security posture.
But how does one go about performing a thorough network assessment? Network security books today typically teach you only how to use the out-of-the-box functionality provided by existing network security tools, which is often limited. Malicious attackers, however, are sophisticated enough to understand that the real power of the most popular network security tools does not lie in their out-of-the-box functionality, but in the framework that allows you to extend and tweak their functionality. These sophisticated attackers also know how to quickly write their own tools to break into remote networks. The aim of this book is to teach you how to tweak existing and powerful open source assessment tools and how to write your own tools to protect your networks and data from the most experienced attackers.