Penetration Testing mailing list archives
Re: pentest documentation
From: "Jason Ross" <algorythm () gmail com>
Date: Mon, 2 Oct 2006 18:57:49 -0400
On 10/2/06, IndianZ <indianz () indianz ch> wrote:
Hi there You can use open source tools: - logging packets with tcpdump (tcpdump -i ethX -nv -s0 -w FILE.pcap -> additional you can use a net or host filter) - console-logging with script (script FILE.txt -> Ctrl+D for exit and save) - pipe the output from testing tools into a txt-file (or use a script with tee -a $log)
additionally, metasploit has a logging module/feature which can be used when using that tool (see http://metasploit.com/projects/Framework/msf3/api/msfbase/classes/Msf/Logging.html) I also tend to use putty when on a windows platform, that application allows for logging to a file of all data, printable data only, and a few others. i usually configure it to use "&H_&Y-&M-&D_&T.log" which is 'putty' for "hostname_YYYY-MM-DD_HHMM.log" which i find a fairly useful naming convention. -- Jason Ross ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- pentest documentation Jürgen R. Plasser (Oct 02)
- Re: pentest documentation David Swafford (Oct 02)
- Re: pentest documentation Jürgen R. Plasser (Oct 02)
- Re: pentest documentation Andres Riancho (Oct 02)
- Re: pentest documentation IndianZ (Oct 02)
- Re: pentest documentation Jason Ross (Oct 02)
- Re: pentest documentation Jürgen R. Plasser (Oct 03)
- Re: pentest documentation Jürgen R. Plasser (Oct 02)
- Re: pentest documentation David Swafford (Oct 02)
- Re: pentest documentation Tonnerre Lombard (Oct 03)
- <Possible follow-ups>
- Re: Re: pentest documentation krymson (Oct 02)
- Re: pentest documentation David Ball (Oct 03)
- RE: Re: pentest documentation William Woodhams (Oct 03)