Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: pentest documentation

From: "Jason Ross" <algorythm () gmail com>
Date: Mon, 2 Oct 2006 18:57:49 -0400
On 10/2/06, IndianZ <indianz () indianz ch> wrote:

Hi there

You can use open source tools:

- logging packets with tcpdump (tcpdump -i ethX -nv -s0 -w FILE.pcap -> additional you can use a net or host filter)
- console-logging with script (script FILE.txt -> Ctrl+D for exit and save)
- pipe the output from testing tools into a txt-file (or use a script with tee -a $log)



additionally, metasploit has a logging module/feature which can be
used when using that tool (see
http://metasploit.com/projects/Framework/msf3/api/msfbase/classes/Msf/Logging.html)

I also tend to use putty when on a windows platform, that application
allows for logging to a file of all data, printable data only, and a
few others. i usually configure it to use "&H_&Y-&M-&D_&T.log" which
is 'putty' for "hostname_YYYY-MM-DD_HHMM.log" which i find a fairly
useful naming convention.

--
Jason Ross

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: