Penetration Testing mailing list archives
Re: Attack Server
From: Terry M <tmccork () gmail com>
Date: Wed, 8 Sep 2010 16:03:02 -0700
Another good vm for pre-configured web apps is the OWASPBWA (it includes DVWA). You might check that out. http://code.google.com/p/owaspbwa/ -Terry On Wed, Sep 8, 2010 at 9:51 AM, TAS <p0wnsauc3 () gmail com> wrote:
Hey Kurt, I end up responding to most of your emails :) If you are also looking at setting up vulnerable web applications in the lab then have a look at a comprehensive list complied at Http://securitythoughts.wordpress.com TASQ On Sep 8, 2010, at 20:34, "Kurt M. John" <kurt.md.john () gmail com> wrote:Hey Guys, I got another one for you. I'm looking to create a combination attack/testing server. The idea here is to have a server than can perform remote analysis and attacks (and perform such services as tftp). The server will also double as a testing server. Ideally I'd like to have a few VMs on there such as Damn Vulnerable Linux (for training) and Windows Server 2003 (for fine-tuning attacks before launching it against client systems). Currently the server has the following hardware specs: 4gigs of ram and 1TB of space. If you guys have any suggestions or links/documents which offer a good setup for what I described that would be great. Initial software I'm thinking includes: Windows Server 2003 VMWare Workstation Helix Backtrack4 Damn Vulnerable Linux Windows XP, 7 Thanks Guys Kurt M. John, CISA, C|EH, CPT http://www.applisoft.net ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Attack Server Kurt M. John (Sep 08)
- Re: Attack Server Robin Wood (Sep 08)
- RE: Attack Server Kettlewell, Nate (Kansas City) (Sep 08)
- Re: Attack Server TAS (Sep 08)
- Re: Attack Server Terry M (Sep 08)
- Re: Attack Server phillip () bailey st (Sep 08)
- Re: Attack Server Robin Wood (Sep 08)