Re: Gear

[Shaon Diwakar <shaon.diwakar () yahoo com au>]

Hi Peter,

All the guys on the list have mentioned lots of things which would be great to include in your kit - although - I've 
only ever taken two laptops with me. One laptop with Windows XP and the other with your favourite flavour of GNU/Linux 
(I like Gentoo or the all-in-one Backtrack - since it has almost everything you'd need and can be wiped and rebuilt 
after each job). I normally prefer to work off the Windows XP laptop with a SSH shell into the Linux box; this way you 
can prepare evidence/work papers/documents in Word/Excel while running tools on both OSes.

The only other things I'd recommend are a portable USB hard disk drive (I use one which is powered off the USB port), 
small router, a powerboard and network cables. I have the USB drive loaded with hash tables and Installers for apps 
that you might need to setup whilst performing fieldwork. In my experience, this has sufficed, but I've never performed 
social engineering or anything fancier than a Internal/External/Web App and Wireless assessment.

Good luck with the new role - you'll be sure to have fun!
sHz

----- Original Message ----
From: Peter Manis <manis () digital39 com>
To: pen-test () securityfocus com
Sent: Sunday, 12 August, 2007 9:32:45 AM
Subject: Gear

What do you carry with you when you are on the job?  I watched a video
from Iron Geek showing multiple laptops, PDAs, etc and I was curious
what items you have found to be important when going on the job.  In
movies they show the glitz and glamor side of things with rollup
keyboards and gadgets most people probably don't need, but do any of
those things come in handy often enough to take them?

At the risk of being laughed at have you heard of people going as far
as bringing sonic ear type devices or similar surveillance devices to
pull information that way?

Please keep in mind I am very new to the world of pen testing so I
really don't know what situations you can get into other than what I
have heard, but I also heard the world was flat.

PM

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------





------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------