PaulDotCom mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Pwn Plug and Nessus

From: David Maynor <dmaynor () gmail com>
Date: Wed, 28 Aug 2013 15:04:33 -0400
I like running PVS when I can, if not I will run tcpdump. It's good to have a packet log if you are doing anything 
deep. Not just from a CYA standpoint but also a "wow I suddenly have a password file and I don't know what I did to get 
it" log. I cannot count the number of times an app assessment hit serious pay dirt just messing around with wget and it 
took hours for me to notice let alone reproduce. PVS would have flagged a passed file download. 


On Aug 28, 2013, at 10:06 AM, Ron Gula <rgula () tenable com> wrote:

I've also gotten requests to run the Passive Vulnerability Scanner during
pen tests (or more exactly, before the pen test) from a variety of folks
who do that sort of thing for a living. 

Since it is a sniffer, if you can get it deployed ahead of time, you can get
a great deal of intelligence without impacting anyone and have a very
good sense of your targets and vulns before you start exploiting anything. 

Ron 

From: "Albert R. Campa" <abcampa () gmail com>
Reply-To: PaulDotCom List <pauldotcom () mail pauldotcom com>
Date: Wednesday, August 28, 2013 9:39 AM
To: PaulDotCom List <pauldotcom () mail pauldotcom com>
Subject: Re: [Pauldotcom] Pwn Plug and Nessus

The pwnieexpress pentest appliance can though.
http://pwnieexpress.com/products/enterprise-pentesting-appliance

Also purehate mentioned another device, i cant remember the name, in one of his talks this year. I saw it on 
irongeek's youtube channel. I think it was his pass the hash like a rockstar talk.



On Wed, Aug 28, 2013 at 6:47 AM, alec brecher <alec () atomd com> wrote:
The pwn plug does not have the resources to run nessus on-board. Use the
plug's reverse shell to proxy your nessus scans through the plug.
-Alec

-----Original Message-----
From: Larry Petty <Larry.Petty () tribridge com>
Reply-to: PaulDotCom Security Weekly Mailing List
<pauldotcom () mail pauldotcom com>
To: pauldotcom () mail pauldotcom com <pauldotcom () mail pauldotcom com>
Subject: [Pauldotcom] Pwn Plug and Nessus
Date: Thu, 22 Aug 2013 13:51:17 +0000

Does anyone have experience remotely running Nessus with something like the Pwn Plug?

I need something small that will reverse SSH back and allow me to remotely launch Nessus scans. I have heard of 
people using the Pwn Plug, but I'm curious as to the performance and accuracy of the scans.



Larry Petty

Office: 813.287.8887 x 1136
Mobile:
Fax: 813.287.8688

Email: Larry.Petty () tribridge com


Tribridge



Helping our Customers become more Productive, Profitable, Competitive and Secure

The information contained in this message and its attachments is intended only for the recipient(s) named above. 
This information may be privileged and confidential in nature and protected by law. If the reader of this message is 
not the intended recipient, any further review, dissemination, distribution or copying of this information is 
strictly prohibited. If you received this communication in error, please delete the message with its attachments and 
notify the sender immediately.



_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com


_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
Previous By Date Next
Previous By Thread Next

Current thread: