Penetration Testing mailing list archives
RE: Smart-phone for pen tester
From: "Brad Bemis" <brad.bemis () secureitexpert com>
Date: Mon, 18 Oct 2010 09:59:28 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 It may have already been mentioned, but one key advantage of the Android phone as a pen-testing tool is its open architecture. While the number and quality of tools for either platform may be limited, at least there is the potential for new and interesting tools being developed by other like-minded folks for the Android (without the hoops Apple requires to get something listed for the iPhone). Brad Bemis, CISSP, CISA Information Security Professional SecureITExpert | Seattle WA =========================== PGP KeyID: 0xC89B8AA1 (.asc) http://www.secureitexpert.com http://twitter.com/SecureITExpert =========================== "Change is the Only Constant!" - -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Adrian J Milanoski Sent: Friday, October 15, 2010 7:08 PM To: Gleb Paharenko Cc: pen-test () securityfocus com Subject: Re: Smart-phone for pentester Just go with an Android or iPhone there is much more support for them and users. So, if you have an issue chances are that someone else has already tried it some where at some point. Just a thought. Good luck with it all mate. Thanks, Adrian _________________ Sent from my iPhone On 2010-10-13, at 3:57 PM, Gleb Paharenko <gpaharenko () gmail com> wrote:
Thank you every one. I'm currently looking more and more towards n900. However I'm shine with the following: - weak battery - Resistive touchscreen - less application than in Apple Store and Android Store (however I'm not sure if this is true :) Does battery and resistive screen do not make you uncomfortable? 2010/10/13 Adrian J Milanoski <amilanoski () gmail com>:Hey Curt, I was honestly just browsing and was curious one day. I used Cydia on my jail broken iPhone and searched for metasploit and nmap and installed them both. I must say thought it is a bit difficult to use just do to the fact that it is an iPhone and screen size is limited, but none the less it works. As for a WiFi analyzer I use a App called WiFiFoFum pretty cool app. You should check it out. Good luck. Regards, Adrian On Tue, Oct 12, 2010 at 10:11 AM, Curt Purdy <infosysec () gmail com> wrote:OK, you want to tell us how in the heck you got a full-blown *NIX app like Metasploit to run on iphone? Needless to say it is jailbroken, but do you have a link to step-by-step? Are you using something like Cydia? Also, any recommendations from the list on the best WIFI analyzer for iphone out there? My one and only real complaint to Jobs, is his banning these apps. Really dumb, Steve. Curt Purdy CISSP, GSNA, GSEC, MCSE+I, CCNA On Tue, Oct 12, 2010 at 6:01 AM, Adrian J Milanoski <amilanoski () gmail com> wrote:Sorry forgot plain text my bad. I have a iPhone 3GS and have Metasploit and nmap installed on it. Haven't tried aircrack-ng on it but I would assume since it is unix based it would work. Good luck. Regards, Adrian-- Best regards. Gleb Pakharenko. http://gpaharenko.livejournal.com http://www.linkedin.com/in/gpaharenko +380503116172 skype: gpaharenko --- --------------------------------------------------------------------- This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org --- ---------------------------------------------------------------------
- ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org - ------------------------------------------------------------------------ -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.10.0 (Build 500) Charset: US-ASCII wsFVAwUBTLx89B2oBrjIm4qhAQiWYg//Rzq89vcVnUbbqikQfZFg9ke50tM85hwq s3FKG98OSyx6jhoedGIwMfYCSTNuKev5el3mvMABmecgC8hht3jQYaaAsdoG7bag 7+/qwVK3e7tGxkc4754f996PmVFdzY95Nmu+x0bUfG6mSqTXHDTQHIfPmIupfPqx kcPIkkFFYaIiuYI2q+XJ4cRUTdbPUDZUpp/HrA9YrCaSUBHOoieWMvxNNHKXsjU2 vBu3btztE2ZrbhNvDgb3EIz8YSVqZg8a56bKWvThlO8mvhUrMroM8rGp+X6Kn31/ F1R9rtnmAMTaSLVb3qtViY+i+a2JY2swRuWhs1N7JeSKQbe42j4s3iV/zqbreLgH fKvlrlAzLa8I9X5479nvrTDPjx5qNlYg+GerO7VF7XKCOE4V9hc5sjjUBJtMZx7t dS16pOV8crYFCgTALikhnrJ0JfZxyOAOvnjaBUfyO17h6JnEEayrKYiLMInFcB9f 46naXuLTueFshxLcdFssBVuj1ftq8qS+Nv+YMVExga8Qp32wBklauZljqtlyZfS+ I1SCy/8Flo/I/rGJxiVjTEwVRFAaEx0KyfaaGuaRoWhR/65cGydYjTPZxFWR/bAx pktHu5KK4UAF+9ZeVfvLxQpqgXfcYM43I+VJ1KHdXQ5noiInNmrPCOp6PY5+TAYS wAYezah0Sys= =ri5g -----END PGP SIGNATURE----- ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- RE: Smart-phone for pen tester Brad Bemis (Oct 18)