Penetration Testing mailing list archives
Re: Re: pentest documentation
From: krymson () gmail com
Date: 2 Oct 2006 19:31:41 -0000
For Windows, Camtasia is an excellent screen-recorder if you want to go that route. If you're doing some hands-on things like taps or images or something that can't be put into a virtual machine (and screen-capped by the host machine) you could use a digital video recorder if your engagement either requires this level of documentation or allows you to do so. I guess physical security tests may be better documented with digital cameras, although I dunno if I've ever seen that myself (physical pen-tests I don't see very often or hear much about other than theoretical reviews of a site). Other means that go beyond just providing a report: - putting any confiscated material ("look what I found on this developer's machine, source code and client data databases!") on a cd or USB device and then hash it and label appropriately. - capture the packet output of any scans or actual attacks that you do and hash them. Try your best to get times as close as possible, in case they want to correlate IDS entries with your scans/attacks, or a system went down during the scan and they need to determine that you were the cause. - capture the output of any scanning tools you use. Things like Nessus and nmap will have output files and reports. Even though you likely recreate the reports in a more meaningful format for the client, turning over the raw data itself is also good practice. Be aware that you may be capturing sensitive information this way, so protect any captures you take with you for your own review and be sensitive to what the client is going to be wanting you to provide to them. ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- Re: pentest documentation, (continued)
- Re: pentest documentation Andres Riancho (Oct 02)
- Re: pentest documentation IndianZ (Oct 02)
- Re: pentest documentation Jason Ross (Oct 02)
- Re: pentest documentation Jürgen R. Plasser (Oct 03)
- Re: pentest documentation Tonnerre Lombard (Oct 03)