They will need to be continuously updated and changed upon by the community as well as within your own standard.Guidelines are just that, something to drive you in a direction and help during certain scenarios, but not an all encompassing set of instructions on how to perform a penetration test. Selecting the tools required during a penetration test depends on several factors such as the type and the depth of the engagement.As such it is a requirement to have the ability to use the three major operating systems at one time. Since this is a hardware platform as well, this makes the selection of specific hardware extremely simple and ensures that all tools will work as designed.VMware Workstation is an absolute requirement to allow multiple instances of operating systems easily on a workstation.Useful for decompiling flash apps and finding hard-coded credentials, etc.One of the most complete penetration testing Linux distributions available.Open VAS is a vulnerability scanner that originally started as a fork of the Nessus project.The actual security scanner is accompanied with a daily updated feed of Network Vulnerability Tests (NVTs), over 20,000 in total (as of January 2011) HP SWFScan is a free tool developed by HP Web Security Research Group to automatically find security vulnerabilities in applications built on the Flash platform.
An 802.11 USB adapter allow for the easy connection of a wireless adapter to the penetration testing system.
For this reason, Back Track is the platform of choice as it comes with all the tools required to perform a penetration test.
Windows XP/7 is required for certain tools to be used.
The operating systems listed below should be run as a guest system within VMware. The Linux platform is versatile, and the system kernel provides low-level support for leading-edge technologies and protocols.
All mainstream IP-based attack and penetration tools can be built and run under Linux with no problems.