Network Penetration Testing Checklist (Updated 2019)

What is Penetration Testing?

Penetration testing is the process of testing a network for security vulnerabilities by trained security experts (penetration testers or ethical hackers). The aim of such a test is to find and fix the vulnerabilities the network contains before the hacking community can exploit them. It covers discovering open ports, identifying live systems and services, and grabbing service banners.

List of top Network penetration testing checklist

1. Host Discovery
2. Port Scanning
3. Banner Grabbing/OS Fingerprinting
4. Scan for Vulnerabilities
5. Draw Network Diagrams
6. Prepare Proxies
7. Document all Findings

Each step in brief:

1. Host Discovery

Footprinting is the first and most important phase, in which information about the target system is collected.
DNS footprinting lists the DNS records (A, MX, NS, SRV, PTR, SOA, CNAME) in the target domain.

A– An A record points a domain name, such as example.com, to its hosting server's IP address.
MX– Mail exchange records identify the servers responsible for receiving the domain's email.
NS– NS records identify the DNS servers in charge of the domain.
SRV– SRV records identify the host and port of a service hosted on specific servers.
PTR– Reverse DNS lookup: an IP address is mapped back to the domain name associated with it.
SOA– Start of authority: information about the DNS zone and the other DNS records in it.
CNAME– A CNAME maps a domain name to a different domain name (an alias).
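During DNS footprinting the tester ends up with a pile of records and needs to turn them into facts: which hosts exist, who handles mail, which name servers are authoritative, which services are advertised. The following is an added example, not code from the original post: it parses BIND-style zone text for the seven record types listed above and builds that summary. The zone data for `example.test` is constructed for the example and does not describe any real domain.

```python
"""Group DNS records from BIND-style zone text by type and summarise what each
type tells a footprinting exercise (added example; the zone data is constructed)."""
import re
from collections import defaultdict

# Constructed sample zone for a made-up domain; not taken from any real site.
SAMPLE_ZONE = """\
$ORIGIN example.test.
@        3600 IN SOA   ns1.example.test. hostmaster.example.test. 2019010101 7200 900 1209600 3600
@        3600 IN NS    ns1.example.test.
@        3600 IN NS    ns2.example.test.
@        3600 IN MX    10 mail.example.test.
@        3600 IN A     192.0.2.10
www      3600 IN CNAME example.test.
mail     3600 IN A     192.0.2.25
ns1      3600 IN A     192.0.2.53
ns2      3600 IN A     192.0.2.54
_sip._tcp 3600 IN SRV  10 60 5060 sip.example.test.
sip      3600 IN A     192.0.2.60
"""

# owner  ttl  IN  type  rdata  -- only the record types named in the checklist
RECORD_RE = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+(A|MX|NS|SRV|PTR|SOA|CNAME)\s+(.+)$")


def parse_zone(text):
    """Return {rtype: [(owner, rdata), ...]} with owners expanded to FQDNs."""
    origin = None
    records = defaultdict(list)
    for raw in text.splitlines():
        line = raw.split(";")[0].strip()  # drop comments and blank lines
        if not line:
            continue
        if line.startswith("$ORIGIN"):
            origin = line.split()[1]
            continue
        m = RECORD_RE.match(line)
        if not m:
            continue
        owner, _ttl, rtype, rdata = m.groups()
        if owner == "@":
            owner = origin
        elif not owner.endswith(".") and origin:
            owner = f"{owner}.{origin}"
        records[rtype].append((owner, rdata.strip()))
    return dict(records)


def footprint_summary(records):
    """Turn grouped records into the facts a tester writes down during footprinting."""
    return {
        # NS rdata is the name server host
        "name_servers": sorted(r for _, r in records.get("NS", [])),
        # MX rdata is "<priority> <mail host>"
        "mail_servers": sorted(r.split()[1] for _, r in records.get("MX", [])),
        # A records give the host-to-address map
        "hosts": {o: r for o, r in records.get("A", [])},
        # CNAME records give alias-to-canonical-name pairs
        "aliases": {o: r for o, r in records.get("CNAME", [])},
        # SRV rdata is "<priority> <weight> <port> <target>"
        "services": [r.split()[3] + ":" + r.split()[2] for _, r in records.get("SRV", [])],
        # SOA rdata: "<primary ns> <admin mailbox> <serial> ..."
        "zone_admin": records["SOA"][0][1].split()[1] if records.get("SOA") else None,
    }


if __name__ == "__main__":
    for key, value in footprint_summary(parse_zone(SAMPLE_ZONE)).items():
        print(f"{key}: {value}")
```

Feed the output of a zone transfer or of per-type `dig` queries (converted to zone format) into `parse_zone`; the summary is what goes into the footprinting section of the report.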


Live hosts, accessible hosts in the target network can be detected using network scanning tools like Advanced IP Scanner, NMAP, HPING3, NESSUS.

Ping & Ping Sweep:

root@kali:~# nmap -sn <target>                        # ping scan of a single host (no port scan)
root@kali:~# nmap -sn 192.168.169.1-254               # range of IPs
root@kali:~# nmap -sn 192.168.169.*                   # wildcard
root@kali:~# nmap -sn 192.168.169.0/24                # entire subnet (CIDR)
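A ping sweep is only useful once its results are compared with something. The following is an added example, not part of the original post: it parses the grepable output of `nmap -sn -oG`, lists the hosts that answered, checks that every reported address lies inside the agreed scope, and flags live hosts missing from the organisation's asset inventory (the usual way unmanaged devices are found). The scan output, the `192.168.169.0/24` subnet and the inventory are constructed for the example.

```python
"""Parse a ping sweep saved with `nmap -sn -oG` and compare the live hosts
against an asset inventory and the agreed scope (added example; all data constructed)."""
import ipaddress
import re

# Constructed output of `nmap -sn -oG - 192.168.169.0/24`; not from a real scan.
SAMPLE_SWEEP = """\
# Nmap 7.70 scan initiated Mon Jan 01 00:00:00 2019 as: nmap -sn -oG - 192.168.169.0/24
Host: 192.168.169.1 (gw.lab.test)\tStatus: Up
Host: 192.168.169.10 (fileserver.lab.test)\tStatus: Up
Host: 192.168.169.77 ()\tStatus: Up
Host: 192.168.169.200 ()\tStatus: Down
# Nmap done at Mon Jan 01 00:00:05 2019 -- 256 IP addresses (3 hosts up) scanned in 5.02 seconds
"""

# Constructed inventory of the hosts the organisation knows about on this subnet.
KNOWN_ASSETS = {"192.168.169.1": "gateway", "192.168.169.10": "file server"}

# Grepable format: "Host: <ip> (<hostname or empty>)<TAB>Status: <Up|Down>"
HOST_RE = re.compile(r"^Host:\s+(\S+)\s+\(([^)]*)\)\s+Status:\s+(\w+)")


def parse_ping_sweep(text):
    """Return a list of (ip_address, hostname or None, status) from grepable output."""
    hosts = []
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if m:
            ip, name, status = m.groups()
            hosts.append((ipaddress.ip_address(ip), name or None, status))
    return hosts


def live_hosts(text):
    """Addresses that responded to the sweep, sorted numerically."""
    return sorted(ip for ip, _, status in parse_ping_sweep(text) if status == "Up")


def unknown_live_hosts(text, inventory):
    """Live hosts absent from the inventory: candidates for investigation."""
    known = {ipaddress.ip_address(k) for k in inventory}
    return [ip for ip in live_hosts(text) if ip not in known]


def in_scope(text, scope_cidr):
    """True when every host the scanner reported lies inside the agreed scope network."""
    net = ipaddress.ip_network(scope_cidr)
    return all(ip in net for ip, _, _ in parse_ping_sweep(text))


if __name__ == "__main__":
    print("in scope:", in_scope(SAMPLE_SWEEP, "192.168.169.0/24"))
    print("live:", [str(ip) for ip in live_hosts(SAMPLE_SWEEP)])
    print("not in inventory:", [str(ip) for ip in unknown_live_hosts(SAMPLE_SWEEP, KNOWN_ASSETS)])
```

Save a real sweep with `nmap -sn -oG sweep.gnmap <target>` and pass the file contents to these functions; the scope check is worth running before anything else, since a mistyped target specification is the commonest way a test wanders outside its authorisation.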

Whois data

To obtain the Whois information and name servers of a website:

root@kali:~# whois <domain>

Traceroute is a network diagnostic tool that displays the route path and transit delay of packets:

root@kali:~# traceroute <target>

Online Tools

2. Port Scanning

Conduct port scanning with tools such as Nmap, Hping3, Netscan, Network monitor. These tools help us to test a server or host for open ports on the target network.

The open ports are the gateway for attackers to enter and install malicious backdoor applications.

root@kali:~# nmap --open <target>            # report only open ports
root@kali:~# nmap -p 80 <target>             # a specific port
root@kali:~# nmap -p 1-1024 <target>         # a range of ports (1-1024 shown as an example)
root@kali:~# nmap -p "*" <target>            # all 65535 ports (same as -p-)

Online Tools

3. Banner Grabbing/OS Fingerprinting

Banner grabbing / OS fingerprinting tools such as Telnet, IDServe and Nmap identify the services and operating system running on the target host.
Once the service versions and operating system are known, identify the associated vulnerabilities and attempt to exploit them to gain control of the system.


root@kali:~# nmap -A <target>                 # OS detection, version detection, script scanning and traceroute
root@kali:~# nmap -v -A <target>              # the same, with a higher verbosity level
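The port scan and banner grabbing steps above produce the raw material for the final report, and `nmap -oX` gives it in a form that is far easier to process than the screen output. The following is an added example, not code from the original post: it parses the XML of an `nmap -A -oX` scan, keeps only open ports together with their service name, product and version banner and the OS guess, and renders the findings as a table for the documentation step. The XML for `192.168.169.10` is constructed for the example and does not come from a real scan.

```python
"""Extract open ports, service banners and the OS guess from `nmap -A -oX` output
into a findings list ready for the report (added example; the XML is constructed)."""
import xml.etree.ElementTree as ET

# Constructed output of `nmap -A -oX - 192.168.169.10`; not from a real scan.
# For XML produced by a scanner you do not control, parse with defusedxml instead.
SAMPLE_XML = """\
<nmaprun scanner="nmap" args="nmap -A -oX - 192.168.169.10" version="7.70">
  <host>
    <status state="up" reason="echo-reply"/>
    <address addr="192.168.169.10" addrtype="ipv4"/>
    <hostnames><hostname name="fileserver.lab.test" type="PTR"/></hostnames>
    <ports>
      <port protocol="tcp" portid="22"><state state="open" reason="syn-ack"/>
        <service name="ssh" product="OpenSSH" version="7.4" method="probed" conf="10"/></port>
      <port protocol="tcp" portid="80"><state state="open" reason="syn-ack"/>
        <service name="http" product="Apache httpd" version="2.4.6" method="probed" conf="10"/></port>
      <port protocol="tcp" portid="445"><state state="filtered" reason="no-response"/>
        <service name="microsoft-ds" method="table" conf="3"/></port>
    </ports>
    <os><osmatch name="Linux 3.10 - 4.11" accuracy="95"/></os>
  </host>
</nmaprun>
"""


def parse_nmap_xml(xml_text):
    """Return one finding dict per open port: host, hostname, os, port, proto, service, banner."""
    root = ET.fromstring(xml_text)
    findings = []
    for host in root.findall("host"):
        addr = host.find("address[@addrtype='ipv4']").get("addr")
        hn = host.find("hostnames/hostname")
        hostname = hn.get("name") if hn is not None else None
        osm = host.find("os/osmatch")  # first (best) OS match, if any
        os_guess = (osm.get("name"), int(osm.get("accuracy"))) if osm is not None else None
        for port in host.findall("ports/port"):
            if port.find("state").get("state") != "open":
                continue  # filtered/closed ports are not exposure; skip them
            svc = port.find("service")
            banner = ""
            if svc is not None:
                banner = " ".join(x for x in (svc.get("product"), svc.get("version")) if x)
            findings.append({
                "host": addr,
                "hostname": hostname,
                "os": os_guess,
                "port": int(port.get("portid")),
                "proto": port.get("protocol"),
                "service": svc.get("name") if svc is not None else "unknown",
                "banner": banner,
            })
    return findings


def report_table(findings):
    """Render the findings as a plain-text table, sorted by host then port."""
    lines = [f"{'host':<16} {'port':<9} {'service':<12} banner"]
    for f in sorted(findings, key=lambda f: (f["host"], f["port"])):
        lines.append(f"{f['host']:<16} {str(f['port']) + '/' + f['proto']:<9} {f['service']:<12} {f['banner']}")
    return "\n".join(lines)


if __name__ == "__main__":
    found = parse_nmap_xml(SAMPLE_XML)
    print(report_table(found))
    print("OS guess:", found[0]["os"] if found else None)
```

The version strings in the `banner` column are what the vulnerability scanning step matches against known issues, so keep them verbatim in the report rather than paraphrasing them.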

Online Tools

4. Vulnerabilities scanning

Scan the network for vulnerabilities using GFI LanGuard, Nessus, Retina CS or SAINT.

These tools help identify vulnerabilities in the target systems and operating systems. With these steps you can find the loopholes in the target network.

GFI LanGuard acts as a virtual security consultant, offering patch management, vulnerability assessment and network auditing.

Nessus is a vulnerability scanner that looks for bugs in software and finds specific ways in which software security can be violated. A Nessus scan proceeds through the following stages:

  • Data collection
  • Identification of the host
  • Port scan
  • Selection of the plug- in
  • Data reporting

5. Draw Network Diagrams

Draw an organization network diagram that helps you understand the logical network connection path to the network host. LANmanager, LANstate, Friendly pinger, network view can draw the network diagram.

6. Prepare Proxies

A proxy acts as a link between two networking devices. A proxy can protect the LAN from external access.

Proxy servers can anonymize web browsing and filter unwanted content such as ads.

To avoid being detected during the test, use proxies such as Proxifier, SSL Proxy or Proxy Finder.

7. Document all results

The last and most important step is to document all Penetration test findings.


This document helps you identify the potential vulnerabilities within your network. Once the vulnerabilities have been determined, you can plan countermeasures accordingly.

You can download the rules and scope worksheet here– rules and scope sheet. Penetration testing therefore helps you evaluate your network before it gets into real difficulties that can lead to serious financial and reputational losses.

Network pentesting checklist

Important Tools used for Network Pen-testing

Operating systems: Kali Linux, Backtrack5 R3, Security Onion

Whois and DNS footprinting: Smartwhois, MxToolbox, CentralOps, dnsstuff, nslookup, DIG, netcraft

Host discovery: Angry IP scanner, Colasoft ping tool, nmap, Maltego, NetResident, LanSurveyor, OpManager

Port scanning: Nmap, Megaping, Hping3, Netscan tools pro, Advanced port scanner

Service fingerprinting: Xprobe, nmap, zenmap

Enumeration: Superscan, Netbios enumerator, Snmpcheck, onesixtyone, Jxplorer, Hyena, DumpSec, WinFingerprint, Ps Tools, NsAuditor, Enum4Linux, nslookup, Netscan

Vulnerability scanning: Nessus, GFI LanGuard, Retina, SAINT, Nexpose

Password cracking: Ncrack, Cain & Abel, LC5, Ophcrack, pwdump7, fgdump, John The Ripper, Rainbow Crack

Sniffing: Wireshark, Ettercap, Capsa Network Analyzer

MiTM attacks: Cain & Abel, Ettercap

Exploitation: Metasploit, Core Impact

These are the most important checklist items to focus on in network testing.
