Security Basics mailing list archives
RE: Automated penetration test
From: "Rui Pereira (WCG)" <wavefront1 () shaw ca>
Date: Fri, 3 Apr 2009 09:29:33 -0700
No, There are tools that would do that (autopwn). Metasploit Framework itself has that capability (sort of) - see http://blog.metasploit.com/2006/09/metasploit-30-automated-exploitation.html and http://digg.com/d18BYD. Fast-Track in BT3 has menus for this and more (see also https://www.securestate.com/Pages/Fast-Track.aspx). Also look at SAINTExploit (some $) http://www.saintcorporation.com/products/penetration_testing/saint_exploit.h tml Core Impact ($$$) has similar functionality and is far easier to use (GUI). There may be others but these are the ones I am familiar with. Thank You Rui Pereira,B.Sc.(Hons),CIPS ISP,CISSP,CISA,CWNA/CWSP,CPTS/CPTE Principal Consultant WaveFront Consulting Group wavefront1 (at) shaw.ca | www.wavefrontcg.com | .... -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of David Gillett Sent: April 2, 2009 11:52 AM To: p.valera () pucp edu pe; security-basics () securityfocus com Subject: RE: Automated penetration test That's not a "penetration test". That's a "vulnerability scan", and if you Google on "vulnerability scanners" you'll have lots to choose from. David Gillett
-----Original Message----- From: >p3dRø< [mailto:p.valera () pucp edu pe] Sent: Wednesday, April 01, 2009 10:29 AM To: security-basics () securityfocus com Subject: Automated penetration test Hello, I need to make an automated penetration test in a network. I always find tutorials about one especific exploit, in metasploit framework, for example. I need a tutorial for automated test with all the exploits as possible just especifying the subnet, for example 192.168.1.0/24. I mean, is there a program that could do this? : ./program -allexploits 192.168.1.0/24 or in few steps do that ? (text mode, web? ) The tool doesn\'t matter: backtrack, metasploit, but I need to launch the automated penetration test as I mentioned. Someone knows a good tutorial or link about that ? Thanks in advance, Pedro -------------------------------------------------------------- ---------- This list is sponsored by: InfoSec Institute No time or budget for traveling to a training course in this fiscal year? Check out the online information security courses available at InfoSec Institute. More than a boring "talking head", train in our virtual labs for a total hands-on training experience. Get the certs you need: CEH, CPT, CEPT, CISA, CISSP, CISM http://www.infosecinstitute.com/request_online_training.html -------------------------------------------------------------- ----------
------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute No time or budget for traveling to a training course in this fiscal year? Check out the online information security courses available at InfoSec Institute. More than a boring "talking head", train in our virtual labs for a total hands-on training experience. Get the certs you need: CEH, CPT, CEPT, CISA, CISSP, CISM http://www.infosecinstitute.com/request_online_training.html ------------------------------------------------------------------------ No virus found in this incoming message. Checked by AVG - www.avg.com Version: 8.0.238 / Virus Database: 270.11.35/2033 - Release Date: 04/02/09 19:07:00 ------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute No time or budget for traveling to a training course in this fiscal year? Check out the online information security courses available at InfoSec Institute. More than a boring "talking head", train in our virtual labs for a total hands-on training experience. Get the certs you need: CEH, CPT, CEPT, CISA, CISSP, CISM http://www.infosecinstitute.com/request_online_training.html ------------------------------------------------------------------------
Current thread:
- Automated penetration test p3dRø (Apr 02)
- RE: Automated penetration test David Gillett (Apr 03)
- RE: Automated penetration test Rui Pereira (WCG) (Apr 03)
- RE: Automated penetration test leegarner (Apr 03)
- Re: Automated penetration test Nikhil Wagholikar (Apr 03)
- Re: Automated penetration test Nicholas Harvey (Apr 03)
- <Possible follow-ups>
- Automated penetration test p3dRø (Apr 02)
- Re: Automated penetration test Abhishek Kumar (Apr 03)
- Re: Automated penetration test τ∂υƒιφ * (Apr 03)
- Re: Automated penetration test Sujit Ghosal (Apr 03)
- Re: Re: Automated penetration test jeevanullas (Apr 20)
- RE: Automated penetration test David Gillett (Apr 03)