Having the right tool can go a long way in the world of information security, but an overabundance of solutions in the market has made it increasingly difficult for security warriors today to tap into the ones that could make a different in their environment. When you add the challenges tied to resources into the mix, it multiplies the problem. That’s why here at we try and spotlight tools that are effective, easy to use.

Many organisations are tapping into the benefits of pentesting, but that too can be quite costly. A new open source pen testing tool, however, could overcome that issue. 

Created by Trustwave SpiderLabs Principal Security Consultant Matt Lorentzen, Sheepl emulates the tasks that people generally perform on a network, while “addressing some of the shortfalls of traditional script-based approaches to emulating user behavior,” Lorentzen wrote in a blog post. He originally created this tool to satisfy his own needs when it came to creating training environments.

“Lab environments are very static and don’t have any relationships, and the people aspect was always missing so I wanted to see if I could fix that problem,” Lorentzen told InfoSec Insider during a recent video interview shot at the RSA Conference.

InfoSec Insider caught up with Trustwave SpiderLabs Principal Security Consultant Matt Lorentzen, who discussed the open source pentesting tool and provided us with a demo.

Click here to watch the video.