Penetration Testing mailing list archives
Re: [PEN-TEST] How to "break into" the Pen-Testing field
From: "Frasnelli, Dan" <dfrasnel () COREWAR COM>
Date: Sun, 10 Sep 2000 18:17:32 -0400
> What would be the typical tool suite one would use on a Pen Test??
I assume you meant the usual network-based penetration test by that. If you are asked to mess with a client's pbx/vmb, physical security, employees, etc... there are other techniques or hardware involved. Most penetration tests are conducted in two phases: exploration and exploitation. I recommend you tailor a software 'tool suite' with those as guidelines. Depending on your style, organizing tools this way may or may not be efficient. Below are examples biased towards Unix; perhaps an NT person has suggestions for that platform.

Exploration and Analysis
- portscanners: nmap (www.insecure.org)
- sniffers: tcpdump (www.tcpdump.org)
           ngrep (sourceforge.net/projects/ngrep)
           dsniff (www.monkey.org/~dugsong/dsniff)
- vuln scanners: vlad (razor.bindview.com/tools/)
                 whisker (sourceforge.net/projects/whisker)
- Samba, nbtscan, l0phtcrack & other tools for windows networks
- the inevitable custom code and scripts

Exploitation
- hunt (www.gncz.cz/kra/index.html)
- misc tools (www.ussrback.com, www.packetfactory.net)
- whatever is current from packetstorm/ussrlabs/bugtraq/etc. for the targets.

This category is dynamic and typically contains unreleased exploits, in-house code, etc. It's also the attack phase which causes most 'script kiddies' grief, as it requires a lot of creative tweaking to avoid detection.

A portable computer and disc with various tools compiled for your platform of choice is a good starting point for a network penetration kit.

-dan