Penetration Testing mailing list archives
Re: Tools to use for Penetration Testing?
From: philip.finn () uscellular com
Date: 11 Sep 2008 14:21:33 -0000
Being a White hat/Hacker is not about the tools any body can take Core impact and exploit a vulnerability that has already been written for them. If you want to be a pen tester you need to understand the exploits themselves and how they actually work. You need to be able to understand machine code so that you can spot a buffer overflow in poorly written code. You should understand sql query language so that you can test for sql injection. You need to understand exactly how network protocols work. The tools will come with the understanding of these types of technology. I'm sure any number of people on this list can rattle off tools but if you don't understand what the tools are used for then they are pointless. Phil ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
Current thread:
- RE: Tools to use for Penetration Testing?, (continued)
- RE: Tools to use for Penetration Testing? Shenk, Jerry A (Sep 13)
- Re: Tools to use for Penetration Testing? J. Oquendo (Sep 14)
- RE: Tools to use for Penetration Testing? Ardian Silvano (Sep 12)
- Re: Tools to use for Penetration Testing? Thorgul (Sep 12)
- RE: Tools to use for Penetration Testing? Veal, Richard (Sep 12)
- RE: Tools to use for Penetration Testing? Rivest, Philippe (Sep 12)
- Re: Tools to use for Penetration Testing? Todd Haverkos (Sep 12)
- Re: Tools to use for Penetration Testing? Jon Kibler (Sep 12)
- Re: Tools to use for Penetration Testing? Nikhil Wagholikar (Sep 12)
- Tools to use for Penetration Testing? christopher . riley (Sep 12)
- Re: Tools to use for Penetration Testing? philip . finn (Sep 12)