Home page logo
/

basics logo Security Basics mailing list archives

RE: Automated penetration test
From: "Rui Pereira (WCG)" <wavefront1 () shaw ca>
Date: Fri, 3 Apr 2009 09:29:33 -0700

No,

There are tools that would do that (autopwn). Metasploit Framework itself
has that capability (sort of) - see
http://blog.metasploit.com/2006/09/metasploit-30-automated-exploitation.html
and http://digg.com/d18BYD. Fast-Track in BT3 has menus for this and more
(see also https://www.securestate.com/Pages/Fast-Track.aspx). 

Also look at SAINTExploit (some $)
http://www.saintcorporation.com/products/penetration_testing/saint_exploit.h
tml 

Core Impact ($$$) has similar functionality and is far easier to use (GUI). 

There may be others but these are the ones I am familiar with.

Thank You
 
Rui Pereira,B.Sc.(Hons),CIPS ISP,CISSP,CISA,CWNA/CWSP,CPTS/CPTE
Principal Consultant
WaveFront Consulting Group
 
wavefront1 (at) shaw.ca | www.wavefrontcg.com | ....
 

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of David Gillett
Sent: April 2, 2009 11:52 AM
To: p.valera () pucp edu pe; security-basics () securityfocus com
Subject: RE: Automated penetration test

  That's not a "penetration test".  That's a "vulnerability scan", 
and if you Google on "vulnerability scanners" you'll have lots to
choose from.

David Gillett
 

-----Original Message-----
From: >p3dRø< [mailto:p.valera () pucp edu pe] 
Sent: Wednesday, April 01, 2009 10:29 AM
To: security-basics () securityfocus com
Subject: Automated penetration test



Hello,

I need to make an automated penetration test in a network. 

I always find tutorials about one especific exploit, in 
metasploit framework, for example. I need a tutorial for 
automated test with all the exploits as possible just 
especifying the subnet, for example 192.168.1.0/24. I mean, 
is there a program that could do this? :

./program -allexploits 192.168.1.0/24

or in few steps do that ? (text mode, web? )

The tool doesn\'t matter: backtrack, metasploit, but I need 
to launch the automated penetration test as I mentioned. 

Someone knows a good tutorial or link about that ?

Thanks in advance,
Pedro 
         


--------------------------------------------------------------
----------
This list is sponsored by: InfoSec Institute

No time or budget for traveling to a training course in this 
fiscal year? Check out the online information security 
courses available at InfoSec Institute. More than a boring 
"talking head", train in our virtual labs for a total 
hands-on training experience. Get the certs you need: CEH, 
CPT, CEPT, CISA, CISSP, CISM

http://www.infosecinstitute.com/request_online_training.html
--------------------------------------------------------------
----------


------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

No time or budget for traveling to a training course in this fiscal year?
Check out the online information security courses available at InfoSec
Institute. More than a boring "talking head", train in our virtual labs for
a total hands-on training experience. Get the certs you need: CEH, CPT,
CEPT, CISA, CISSP, CISM

http://www.infosecinstitute.com/request_online_training.html
------------------------------------------------------------------------

No virus found in this incoming message.
Checked by AVG - www.avg.com 
Version: 8.0.238 / Virus Database: 270.11.35/2033 - Release Date: 04/02/09
19:07:00


------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

No time or budget for traveling to a training course in this fiscal year? Check out the online information security 
courses available at InfoSec Institute. More than a boring "talking head", train in our virtual labs for a total 
hands-on training experience. Get the certs you need: CEH, CPT, CEPT, CISA, CISSP, CISM

http://www.infosecinstitute.com/request_online_training.html
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]