Penetration Testing is deemed the most common techniques to assess and evaluate information system security Posture, basically it's defined as legally attempts to gain access to the target system by using tools and techniques alike to those used by adversary hackers. Penetration-testing processes relied and aided by collections of automated tools. Nevertheless, because of the enormous number of tools existing, penetration-testing specialists might encounter problems in selecting the most appropriate tools for the mission. As a consequence, this thesis primarily aims to offer the security community more reliable references regarding the effectiveness of penetration testing tools. Groups of service fingerprinting tools including Nmap, Dmitry, Unicornscan, and vulnerability scanning tools including Nexpose, OpenVAS, and GFI Languard, were designated for performance assessment. Results of the research propose that Nmap and Nexpose are greater than others are due to their quick response time and rational coverage