Penetration Testing mailing list archives
Re: Need help in making penetration testing tool
From: killy <killfactory () gmail com>
Date: Wed, 14 Jun 2006 13:21:19 -0400
Are you going to build a server/appliance? You could, I guess, start your pentest/scanning tools from your server/appliance, which would have to be in the line of traffic. Maybe between the firewall and perimeter router. Then once you find a vulnerability you could have it trigger and script a new ACL / IP chain rule on your server/appliance to stop traffic to the target? That would stop attacks from outside your network only. That would be vulnerability assessment/IPS.

Based on something like that, you could, I guess, try exploits and based on the results activate ACLs.

But think about this: it sounds like this is an automated tool you are trying to create. It makes IMO more sense to continually 'scan' for vulnerabilities and stop traffic and alert you, than it would to continually run exploits on your production network and stop traffic based on the results. In other words, you could create havoc on your network if you were running, say, DOS exploits all day ;-) Not to mention possibly breaking functionality.

It is also possible that I am missing your point altogether. ;-)

Good luck either way. It definitely sounds very interesting.

On 6/11/06, baumgartner () oneconsult com <baumgartner () oneconsult com> wrote:
Hi,

Your idea of combining several functionalities is not so new. So-called vulnerability management tools and systems (e.g. SkyBox) combine assessment tools like vulnerability scanners (e.g. Nessus, GFI Languard, Retina), port and network scanners (e.g. Nmap) with security patching functionality. But the idea to combine pen test tools with intrusion detection and prevention is new (as far as I know).

But I would not combine such functionalities because pen testing and IPS are following different approaches. A pen test searches for all (technical) security weaknesses and flaws in the target systems (configuration, firmware, os, applications, services in use, patching level, etc.). An IDP/IPS analyses the network traffic based on patterns.

I would recommend to take a look at the open source tools nmap (www.nmap.org), nessus (www.nessus.org) and snort (www.snort.org) to have an idea of the complexity of state of the art security scanners and ids/ids.

Maybe you might code a control cockpit for (open source) security scanners and idp/ips.

Regards,
Christoph Baumgartner

--
OneConsult GmbH
IT Security & Strategic Consulting
Christoph Baumgartner
lic. oec. publ., OPST
CEO
Zürcherstrasse 73, 8800 Thalwil, Switzerland
Tel.: +41 43 443 52 52 - Fax: +41 43 443 52 62
baumgartner () oneconsult com - www.oneconsult.com

mh_omair () yahoo com writes:

> Hello;
> By the way, I am new to this list.... I am a final year student of computer science...my final year project is a penetration testing tool.. actually we are trying to merge capabilities of both a pen test tool and an IPS (not just providing testing but remedies too).. I do not know if I am thinking in the wrong way....
> I do not know where to start...please tell me some suggestions and resources that can help me in my project...right now I need good basics and then advanced concepts... I believe if I can penetrate a system then it would be easy to close those doors for others.
>
> Waiting for a positive response.....
Current thread:
- Need help in making penetration testing tool mh_omair (Jun 10)
- Re: Need help in making penetration testing tool[Scanned] Davie Elliott - Eluse (Jun 12)
- Re: Need help in making penetration testing tool baumgartner (Jun 12)
- Re: Need help in making penetration testing tool killy (Jun 14)
- RE: Need help in making penetration testing tool Adam Morey (Jun 16)
- <Possible follow-ups>
- Re: Need help in making penetration testing tool anonymous (Jun 12)