Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] First step of a pen-test
From: Max Vision <vision () WHITEHATS COM>
Date: Wed, 20 Sep 2000 15:50:18 -0700

On Wed, 20 Sep 2000, Loschiavo, Dave wrote:
With checking out the website being a first step...

Does anyone know if there is a tool that will comb through a website to pull
nouns down into a dictionary file that you use for a customized dictionary
attack specific to that company?

I've been doing this, creating custom attack dictionaries for each
penetration test, for several years.  Nothing complex - just spidering all
html and sorting all found strings (sans html markup, although those
strings are already in my base dictionary).  I use proprietary tools, but
you could just as well use wget|find|strings|sort...

Picking out "nouns" is a bad idea - known words should be covered in
existing dictionaries.  The point of pulling down website/newsgroup
content is to find *unknown* terms and names specific to the company.

AFAIK, I'm the only auditor who has included this as a documented,
standard procedure for testing.  In any case, it is a valuable technique
that almost always yields results.

--
Max Vision Network Security        <vision () whitehats com>
Network Security Assessment         http://maxvision.net/
100% Success Rate : Penetration Testing & Risk Mitigation
Free Visibility Analysis and Price Quote for Your Network


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]