Investigating the Ecosystem of Offensive Information Security Tools (2012.08811v1)

Abstract: The internet landscape is growing and at the same time becoming more heterogeneous. Services are performed via computers and networks, critical data is stored digitally. This enables freedom for the user, and flexibility for operators. Data is easier to manage and distribute. However, every device connected to a network is potentially susceptible to cyber attacks. Security solutions, such as antivirus software or firewalls, are widely established. However, certain types of attacks cannot be prevented with defensive measures alone. Offensive security describes the practice of security professionals using methods and tools of cyber criminals. This allows them to find vulnerabilities before they become the point of entry in a real attack. Furthermore, following the methods of cyber criminals enables security professionals to adapt to a criminal's point of view and potentially discover attack angles formerly ignored. As cyber criminals often employ freely available security tools, having knowledge about these provides additional insight for professionals. This work categorises and compares tools regarding metrics concerning maintainability, usability and technical details. Generally, several well-established tools are available for the first phases, while phases after the initial breach lack a variety of tools.