A penetration tester's arsenal includes more than software and applications. Pen testing hardware is equally important to test the diverse range of enterprise systems modern organizations use.
Security practitioners need the right hardware when conducting a pen test, whether done in person or remotely. Below are seven pieces of hardware pen testers and ethical hackers include in their toolkits that enable them to run Kali Linux and other pen testing software.
1. Powerful laptop
Pen testers need a powerful laptop to conduct security assessments properly. The ideal laptop should include the following:
- A large amount of RAM to run multiple VMs.
- A high-capacity SSD and a powerful graphics card for offline password cracking.
- A large screen and selection of ports to maximize usability.
2. Wi-Fi Pineapple or similar Wi-Fi USB device
Pair the laptop with a Wi-Fi Pineapple or a Wi-Fi USB device capable of packet injection to attack networks, web applications and Wi-Fi networks from one device. A Wi-Fi Pineapple helps conduct evil twin attacks, which trick people into connecting to rogue wireless networks. From there, the pen tester can steal user credentials.
3. Dropboxes, such as Raspberry Pi
Pen testers connect and leave behind dropboxes on their clients' networks. These small, inexpensive devices, such as a Raspberry Pi, enable them to later connect remotely to the system. A dropbox can be physically planted into the corporate network as part of a social engineering exercise or physical pen test, or sent directly to a client. The client connects dropboxes to their network to allow the tester to perform the assessment remotely. The tester should choose the most powerful device they can so that it does not become a bottleneck when running tests remotely.
Editor's note: The remaining pen testing hardware is for more specific use cases, usually associated with red teaming.
4. Rubber Ducky or Bash Bunny
Pen testers often have a range of USB devices in their kit alongside the Wi-Fi Pineapple, such as a Rubber Ducky or Bash Bunny. Both devices can compromise an unlocked laptop or desktop computer in seconds by connecting them to a USB port. This enables social engineering or red team engagements, where physically accessing a corporate device for a few seconds is a viable option and in the scope of the pen test. The tester must have access to an unattended computer or convince an employee to grant them access to use these devices.
5. Flipper Zero
The open source Flipper Zero enables pen testers to test and analyze the security of multiple systems, including access controls, RFID, NFC, Bluetooth and radio protocols. If connected to a computer, Flipper Zero can run similar Rubber Ducky scripts. Pen testers can also use it to pen test IoT devices.
6. HackRF One
Pen testers targeting software-defined radio security can try HackRF One. The open source device works on operating radio frequencies of 1 MHz to 6 GHz. It enables pen testers to analyze radio signals used by IoT devices, as well as conduct replay attacks and more.
7. Lock picks and RFID cloning device
Pen testers specializing in physical security assessments carry a variety of tools to gain access through doorways, such as picks, bump keys and door shims. Testers need unaccompanied access to a door or must use a social engineering pretext that enables them to access the door without appearing suspicious.
RFID cloning can also be useful for pen testers involved in red teaming and social engineering. Devices such as the Proxmark3 and iCopy-XS can clone ID badges to help testers get into buildings. They require the tester to get physically close to a valid badge for a short period, enabling them to scan and copy it onto a blank RFID token. This token is then printed with the correct badge design so the tester can impersonate an employee.
Rob Shapland is an ethical hacker specializing in cloud security, social engineering and delivering cybersecurity training to companies worldwide.