|
Penetration Testing
mailing list archives
RE: Info collection
From: "Israel Torres" <israel.torres () ssplitronic com>
Date: Thu, 5 Aug 2004 17:56:03 -0700
Hi Jeff and list,
If you haven't already seen this top 75 list please check it out, it is an
invaluable list:
http://www.insecure.org/tools.html
Hopefully this is a little more informative :) <urls added> (everyone please
do the same)
Fport
http://www.foundstone.com/index.htm?subnav=resources/navigation.htm&subconte
nt=/resources/proddesc/fport.htm
Portqryv2
http://www.microsoft.com/downloads/details.aspx?familyid=89811747-C74B-4638-
A2D5-AC828BDC6983&displaylang=en
LADS
http://www.heysoft.de/Frames/f_sw_la_en.htm
Dumpwin
http://www.nii.co.in/research/tools.html#sysinfo
Lsof
http://www.securityfocus.com/tools/1008
Netstat -an / -ln
\Windows\System32\netstat.exe
Hfnetchk
http://hfnetchk.shavlik.com/default.asp
Msinfo32
\Program Files\Common Files\Microsoft Shared\MSInfo\MSInfo
Winmsd
\Windows\System32\winmsd.exe
Regards,
--- Israel Torres
-----Original Message-----
From: Jeff Gercken [mailto:JeffG () kizan com]
Sent: Wednesday, August 04, 2004 8:02 AM
To: pen-test () securityfocus com
Subject: Info collection
I am attempting to refine my methods of evaluating servers and am
wondering what information you all gather during an assessment on
various platforms. These would be run on the target machines with
privileged accounts (root or administrator). They should be scriptable
& statically compiled or at least not have any unusual dependencies.
Examples:
Fport
Portqryv2
LADS
Dumpwin
Lsof
Netstat -an / -ln
Tiger
Hfnetchk
Msinfo32
Winmsd
 By Date 
By Thread
Current thread:
|
Intro
