Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: One Big Review, One Small Script?

From: Jose Nazario <jose () biocserver BIOC cwru edu>
Date: Thu, 8 Nov 2001 13:39:27 -0500 (EST)
On Tue, 6 Nov 2001, Scott Seglie wrote:


I'm sure there is a more efficient way to do this.  I realize that
there is research involved and hands on (work must be done...but for
the initial information gathering, is anyone going about it a
different way?  Maybe a series of scripts?


you may want to look into expect scripting this, ie conditional
executions, interactions, etc ...

CORE SDI is working on a new tool, Impact, which is based on their
research on automated pen testing. they have made many presentations on
it, including at blackhat this year.

http://www.core-sdi.com/solutions/core_impact.html
http://www.blackhat.com/

VERY cool stuff, these guys are REALLY bright. worth checking out, even if
only to get some ideas.

____________________________
jose nazario                                                 jose () cwru edu
                     PGP: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
                                       PGP key ID 0xFD37F4E5 (pgp.mit.edu)


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Previous By Date Next
Previous By Thread Next

Current thread: