PaulDotCom mailing list archives

Re: Tenable PVS on a pen test
From: David Maynor <dave () erratasec com>
Date: Mon, 6 Jan 2014 05:44:35 +0000

Simple seems best for me. I like to run PVS on a VM running at the same time as my attack VM. That way it doesn’t 
matter where my target is; I am getting the front/back analysis. It works really well in this config along with a Kali 
image. You have no idea when a ../../.. at the most random time will get you a Word file back. PVS is really good at 
keeping this straight for you.

I am trying to finish up a blog post about pentesting with PVS that covers a lot of this.


On Jan 2, 2014, at 9:08 AM, Ron Gula <rgula () tenable com> wrote:

We’ve had a lot of interest in PVS from the pen tester community. 

As a sniffer, you should deploy it on a span port, but that isn’t always an option. 

If you can deploy it on a heavily visited system, you can run it there. The PVS runs fine on SharePoint, Exchange, 
etc. and it will fingerprint and record the vulns of all systems that visit it over HTTP, SMB, etc. 

The most ideal deployment of the PVS is with cooperation from the team you are doing the audit on. I’m obviously a 
big fan of PVS’s ability to find vulns, but what is more valuable is finding targets for the pen test including 
enumeration of all web sites, active but fire-walled hosts and management ports like SSH, SNMP & Telnet. 

Ron


From: Larry Petty <lspetty () gmail com>
Reply-To: PaulDotCom List <pauldotcom () mail pauldotcom com>
Date: Monday, December 23, 2013 at 6:57 PM
To: PaulDotCom List <pauldotcom () mail pauldotcom com>
Subject: [Pauldotcom] Tenable PVS on a pen test

I'm a long-time Nessus user and love it. (I am forced to use Qualys for MSSP clients due to Tenable licensing, but 
that's a different topic.) I recently purchased a PVS license and have been using it with great success on security 
arch reviews and internal vulnerability assessments.

I know some are using PVS on pen tests. How is this being employed without the use of a network tap or span port? In 
my experience, most customers won't allow these on a pen test.

If only I had a sonic screwdriver.  :)

Sent from my Nexus 7

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
