I’m a person that likes to know if my web appliances are “safe” (no web appliance is 100% safe from ALL types of attack)
I have used many tools to test the robustness of my sites including Backtrack tools and general searching around the web for the appliance I use along with plugins and their versions
The ones I use the most for testing my network and or website/s are the following:
1. Armitage automated scan with the hell Mary approach along with additional manual attempts to penetrate my system with my knowledge of knowing what services etc i have running on what ever dedi it is.
(I use this approach due to it being the main approach semi-noob hackers will try to penetrate a system, ergo I halt any noob attackers by knowing if I’m vul before they do, IMO this equates to ~90%+++ of illicit security scanners)
2. Bandwidth bomb (that’s what I call it, gtfo if its not the terminology you use)
1. Acunetix Web Vulnerability Scanner (google it)
Using one of my many virtualised environments I do a full scan on the site and then test out any vulnerabilities to see if they are false positives etc (usually using SQLmap or XSS testing via browser) and then either discard or manually fix the vulnerability.
2. Manually check if I can get a script to spit error or “to much info” via browser.
In practise I mostly know I am safe from MOST attacks for gaining access to servers due to the following reasons:
1. High strength .htaccess rules
2. Software firewall installed on the dedi that stops/denies false headers,manipulated input etc + blocks failed logins on all protocols
3. php.ini settings set in a way to not allow erroring to show and therefore halting most SQL injection and XSS attacks.
All in all I have (in my opinion) I have above average security when it comes to any of my setups. It’s not the best by any means.
I will, in time, go into more detail of appropriate ways to ensure you stay secure in whatever environment you are running.
It is an ongoing battle that is ever evolving.