Penetration Testing mailing list archives
RE: Tool kit assembly
From: "Petruzel, Oliver" <OliverP () aegisresearch com>
Date: Thu, 26 Jul 2001 11:32:30 -0400
Classic Attack Box build:

Requirements: 1 Laptop which must be linux-friendly hardware, and 1 tech-savvy, linux-and-NT-friendly, (part-time coder) engineer-dude.

START WITH:
- partition the Drive in a 50/50 split or 60/40
- Install NT/2k workstation on largest partition
- Install as many NT attack tools as possible, including ISS scanner/Cybercop if possible.
- Install ActivePerl, Visual C++ with latest service pack, and Java JDK - latest.
- Install NmapNT, superscan, sam spade, etc. (all freeware)
- Install debug tools (windbg works, but look for better)
- Install freeware forensics tools. S-tools, Hex editors, etc. Encase if you can.

THEN
- Install VMWare 2.0
- Install linux flavor of your choice on second partition and configure it within VMware
- Install latest nix version of nmap, nessus, saint, sara, etc.
- Install Snort, ethereal, tcpdump and similar tools.
- Install latest C/java libraries.
- Download every piece of attack code you can find = millions of available scripts and coded pieces, just start with the latest and greatest and work backwards. Good luck getting 99% of them to compile on anything without fixing the code. That's the fun part, right? lol. (sources will be bugtraq list, securityfocus.com, IRC, packetstorm, rootabega, neworder.box.sk, etc etc. make sure to collect trojans as well - preferably their source code - also research methods of creating malicious web content or email via html/java/activex - also collect DoS code as well: you never know when you may wish to flood an IDS port...)

Then, if you really want to be high speed, do this:
- Install a wireless NIC which conforms to as many wireless standards as possible.
- install dsniff and/or any sniffing tools you can find, on either platform
- read up on wireless sniffing

That would be a good start. There are hundreds of little apps and tools which I failed to list, and some of the stuff I mentioned may cost some good money. But ultimately, you end up with a unit which you may Ghost and re-use forever as your portable attacking monster.

By the way, I prefer the complete opposite, as I make linux my primary OS, and install VMware for linux and go the other way... as linux is where I hang my hat.

good luck. any questions, feel free to contact me anytime

- Oliver Petruzel
- Computer Intrusion Analyst
- Aegis Research Corporation
-----Original Message-----
From: Coffey, Christopher S. [mailto:Christopher.Coffey () mail va gov]
Sent: Wednesday, July 25, 2001 1:41 PM
To: 'Eric R. Van Skike'; pen-test () securityfocus com
Subject: RE: Tool kit assembly

I'll give you a quick run down of how I would set-up an "attack box" using freeware apps...

I would start with a good mid-range laptop. I would recommend you use a version of Linux as an OS unless your company has a policy against it. I would start by loading a couple of nice freeware tools such as nmap (port scanner) http://www.nmap.org/ and Nessus (remote security scanner) http://www.nessus.org/ . Those would be the core tools I would use for any testing done.

Various other great tools I've used include:

Whisker - CGI vulnerability scanner - Good for checking for bad CGI's on any web server http://www.wiretrip.net/rfp/
Saint - Another Vulnerability checker - http://www.wwdsi.com/saint/
Sara - Another Vulnerability checker - http://www-arc.com/sara/

These are just a few of the tons of tools out there, I would recommend you load some up, and play with them in a lab to decide which you think are better for what you're doing.

Here is a link to a recent survey of the top 50 tools for pen-testing complete with some great links to web sites etc. http://www.nmap.org/tools.html

Hope this helps

-----Original Message-----
From: Eric R. Van Skike [mailto:vanskike () ods ods net]
Sent: Wednesday, July 25, 2001 12:08 AM
To: pen-test () securityfocus com
Subject: Tool kit assembly

I've been lurking for awhile, and the vast amount of information that passes through this list has left me with a problem, too much information to process quickly :).

It looks like I will need to do some penetration tests for the organization I work for in the not-to-distant-future. The problem is, I do not really know where to begin as far as what programs would be appropriate. The organization I work for is currently just a Microsoft shop with very few non-MS services/programs made available to the masses.

And here begins my request... I was wondering if anyone on this list could give me recommendations of programs or websites that would be useful for someone (such as myself) who is creating a 'tool kit'. With the wide array of programs available, I'd like to avoid getting programs that are not up to par. Commercial or non-commercial is fine.

Thanks in advance for any help.

-Eric Van Skike
vanskike () ods ods net

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/