Penetration Testing mailing list archives
Re: digital forensic software
From: Susan Bradley <sbradcpa () pacbell net>
Date: Mon, 22 Feb 2010 17:21:06 -0800
Windows Incident Response: How Did THAT Get There???: http://windowsir.blogspot.com/2010/02/how-did-that-get-there.html

Windows Incident Response: Forensic Analysis and Intel Gathering: http://windowsir.blogspot.com/2010/02/forensic-analysis-and-intel-gathering.html

You guys want to get in to prove to the customer they have weak links. Guys like Harlon want to understand how you (and others) get in.

Watching both lists there's definitely overlap.

Susan Bradley wrote:
Erin Carroll wrote:

Obviously the moderator was smoking crack.

Seriously however, forensic tools are very useful for pen-testing, especially if you're deconstructing malware or bytecode to poke at the inner workings and see how an infection or rootkit is established. I'm sure I'm not alone in picking up new malware and letting it loose in a controlled lab and then using forensic tools to analyze the aftermath. In many cases, it's easier to pick up a known malware payload and modify it for your particular penetration test target. Doing so without forensic analysis of your modifications before turning it loose on a target client system to ensure you are fully aware of the implications is foolhardy.

That's just one example for how forensic tools can be useful to pen-testing.

While this particular post I let through may be more appropriate to the forensics list, there is value here for pen-testers as well... and I would assume responses from list members would focus on those forensic tools which have capabilities that are more useful for pen-test application vs. law enforcement and chain of evidence.

--
Erin Carroll
Moderator, SecurityFocus pen-test mailing list
"Do Not Taunt Happy-Fun Ball"

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Daniel Clemens
Sent: Monday, February 22, 2010 2:55 PM
To: David Hanson
Cc: pen-test
Subject: Re: digital forensic software

On Feb 19, 2010, at 7:53 AM, David Hanson wrote:

What are your top 3 open source digital forensic software tools and why? If you have never used such tools some can be found here; http://www.masterkeylinux.com/index.php/home and http://www.opensourceforensics.org/index.html but there are others.

Dear Moderator,
No offense but how on earth did this get posted on the list. How is this ON-Topic for the pentest mailing list?

| Daniel Uriah Clemens
| Packetninjas L.L.C | | http://www.packetninjas.net
| c. 205.567.6850 | | o. 866.267.8851

"Moments of sorrow are moments of sobriety"

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------