Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Penetration Testing: Re:One Big Review, One Small Script?

Re:One Big Review, One Small Script?

From: bluefur0r bluefur0r <bluefur0r_at_drea.ms>
Date: 8 Nov 2001 19:41:52 -0000

I found it very effective to learn perl and write simple scripts like a banner grabber, a ldap miner automater, dumpsec and net use automater, ect. This will definitly help you in the long run but hell even after I automated all of this I still end up waiting for those scans to finish up. Yes it's great to automate your stuff but man it sure can get boring on 100+ hosts. I'm seriously considering releasing my scripts in the near future but I'd like to get some of my "features" *cough bugs* worked out. It's great for me but i'd hate to release something that someone else had to fight with. I'll keep you updated ;). Also I was curious has anyone taken the time to go through all of the nessus plugins and change the output to a hrmm... grammatically correct version? I'm most likely going to need to do this in the near future but was wondering if someone already has and can share. Much appreciated!
blue

Op Tue, 6 Nov 2001 20:55:17 -0800 (PST) Scott Seglie <svs62312000_at_yahoo.com> geschreven:
>Currently, if I perform a network vulnerability
>assessment, I run multiple tools (nmap, iss, nessus,
>ping sweeps...etc.) While running tools, I simply
>gather basic information. As many of you know, it is
>very time consuming. Actual time typing in an IP
>address and a few commands is minimal, but waiting for
>the scans can take hours.
>
>I'm sure there is a more efficient way to do this. I
>realize that there is research involved and hands on
>(work must be done...but for the initial information
>gathering, is anyone going about it a different way?
>Maybe a series of scripts?
>
>If anyone has additional information or links I may
>research, please let me know.
>
>Your help is greatly appreciated.
>
>__________________________________________________
>Do You Yahoo!?
>Find a job, post your resume.
>http://careers.yahoo.com
>
>----------------------------------------------------------------------------
>This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
>Service. For more information on SecurityFocus' SIA service which
>automatically alerts you to the latest security vulnerabilities please see:
>https://alerts.securityfocus.com/
>
>

=================================================================
Kies een origineel e-mailadres op www.emails.nl

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Received on Nov 08 2001

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]