Re: pentest documentation

["Jürgen R. Plasser" <plasser () hexagon at>]

Jason Ross wrote:
> On 10/2/06, IndianZ <indianz () indianz ch> wrote:
> > Hi there
> >
> > You can use open source tools:
> >
> > - logging packets with tcpdump (tcpdump -i ethX -nv -s0 -w FILE.pcap 
> > -> additional you can use a net or host filter)
> > - console-logging with script (script FILE.txt -> Ctrl+D for exit and 
> > save)
> > - pipe the output from testing tools into a txt-file (or use a script 
> > with tee -a $log)
>
>
> additionally, metasploit has a logging module/feature which can be
> used when using that tool (see
> http://metasploit.com/projects/Framework/msf3/api/msfbase/classes/Msf/Logging.html) 
>
>
> I also tend to use putty when on a windows platform, that application
> allows for logging to a file of all data, printable data only, and a
> few others. i usually configure it to use "&H_&Y-&M-&D_&T.log" which
> is 'putty' for "hostname_YYYY-MM-DD_HHMM.log" which i find a fairly
> useful naming convention.

I use putty a lot.

Usually I am taking all config files, output and logs from all tools, 
but what I had in mind was a method to capture the "whole" process, not 
only data flow. In my opinion screen recording seems to be a nice and 
optional way to track the pentest visually.

First of all--and that's my standard procedure--it is necessary to 
collect input/output/config data from all tools (and then md5), as many 
of you wrote.

Thanks for the excellent feedback from all of you!

--
Jürgen R. Plasser


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------