Dailydave mailing list archives
Re: TNG Pen Test Tool Questions
From: Rob Fuller <jd.mubix () gmail com>
Date: Wed, 30 Oct 2013 00:37:35 -0400
Meh, same questions are always asked of pretty much any purchase IT or not. 1. Does it do what I need it to do (give me control of the system) 2. Is it reliable (switching protocols and comm methods is a technical detail) 3. Does it have enough oomph (highly technical term, amount of exploits/0day/MITM/Citrix voodoo) I doubt very many pentesters will be asking for the features you have described any time soon. I fear the day when pentesters start asking FLAME/STUXNET questions like "Which $hardware/$software do you have a backdoor in" -- Rob Fuller | Mubix Certified Checkbox Unchecker Room362.com | Hak5.org On Fri, Oct 25, 2013 at 1:34 PM, David Maynor <dave () erratasec com> wrote:
And also "How many exploits does it have?" Not everybody is a exploit expert and someone in the chain of command will ask if your arbitary value A is larger than competitors arbitrary value A. On Oct 25, 2013, at 11:54 AM, Dave Aitel <dave () immunityinc com> wrote:The future of penetration testing tools is coming up quickly, and all the questions have changed on you. For example, it used to be that you would ask: o "How many exploits does it have?" o "How fast can it scan a class B?" o "Can it connect back over HTTPS?" o "Can it bounce from host to host within the internal network?" o "Can you automatically choose the right client side attack when people connect to you?" o etc But here are some of the ones we're asking the INNUENDO dev team, which I think are representative of the post FLAME/STUXNET world: o "Is the local persistence store configurable between the registry and file system or other covert data storage?" o "Can I reconfigure the callback protocol on the fly during a file transfer - and does this automatically happen if my HTTPS callback gets suddenly blocked or shut down?" o "How does it handle Citrix?" o "Is the covert file storage automatically encrypted to C&C or is it plaintext or what?" o "Can I store exploit modules encrypted on the machine until the C&C asks for them to be used?" (http://www.securelist.com/en/blog/208193781/)o "Does it come with the ability to do raw socket injection on Windows 8 x64?" o "How do I write a MITM module?" -dave _______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave_______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
_______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- TNG Pen Test Tool Questions Dave Aitel (Oct 25)
- Re: TNG Pen Test Tool Questions David Maynor (Oct 29)
- Re: TNG Pen Test Tool Questions Rob Fuller (Oct 30)
- Re: TNG Pen Test Tool Questions David Maynor (Oct 29)