Penetration Testing mailing list archives
RE: stuck with concepts...
From: "Benjamin Tomhave" <list-procurare () secureconsulting net>
Date: Mon, 24 Apr 2006 17:46:32 -0400
As much as it pains me to provide the reference, a book like Hacking Exposed (currently in 5th ed.) provides the info you're needing. Think of it as a basic explainer in the process you're developing. Probably can get a copy at any old bookstore. http://www.amazon.com/gp/product/0072260815/sr=8-2/qid=1145915107/ref=pd_bbs _2/102-8873215-1096951?%5Fencoding=UTF8 --- Benjamin Tomhave, CISSP falcon () secureconsulting net http://falcon.secureconsulting.net/ http://www.linkedin.com/pub/0/622/964 "We must scrupulously guard the civil liberties of all citizens, whatever their background. We must remember that any oppression, any injustice, any hatred is a wedge designed to attack our civilization." -President Franklin Delano Roosevelt
-----Original Message----- From: Joel Jose [mailto:joeljose420 () gmail com] Sent: Monday, April 24, 2006 1:22 AM To: pen-test () securityfocus com Subject: stuck with concepts... people, i am facing a small conceptual difficulty in the project(ospttm.pbwiki.com). we need to do a reconnaisance of the target and prepare logistics for the attack, like mapping the target network.. etc but when we use nessus and metasploit, where do our efforts fit the picture?.. when we have correctly mapped the target network using firewalk,nmap,amap..etc . Ok the whois and dnsquery can give you target ip's to put in nessus, but what bout others?... isthere a way to integrat our results with these automated tools?.. or the traditional method of using firewalk,nmap..etc has fallen down to current trends like nessus? joel. -- As soon as men decide that all means are permitted to fight an evil, then their good becomes indistinguishable from the evil that they set out to destroy. - Christopher Dawson, The Judgment of Nations -------------------------------------------------------------- ---------------- This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details. -------------------------------------------------------------- ----------------
------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details. ------------------------------------------------------------------------------
Current thread:
- stuck with concepts... Joel Jose (Apr 24)
- RE: stuck with concepts... Benjamin Tomhave (Apr 25)
- Re: stuck with concepts... bofn (Apr 25)