Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Pen Testing Map
From: Emilio Valente <evalente () sdsc edu>
Date: Thu, 6 Jul 2006 15:59:51 -0700

Hi Toggmeister,
Thanks this is a very useful and complete Pen-testing guide.
FYI:
in your Cisco Tools page in the center you have snmp-fuzzer two times and p0f is missing on that list (although the same left-side tool list is correct) :-).

Emilio Valente CCNP, GCFA, GCUX, GCIH.

At 9:56 PM +0100 7/6/06, Mario Platt wrote:
Hi Toggmeister,,

I've done something a bit similar, it has some things that yours
doesn't have but I think yours is more complete. I will send it to
you, and if you want to post it or take some ideas from it, be my
guest

On 6 Jul 2006 19:08:58 -0000,
Toggmeister () vulnerabilityassessment co uk
<Toggmeister () vulnerabilityassessment co uk> wrote:
Hi,

I've been pen testing for a few months now and find that with all the tools out there and which tool to use on what I lose track. We also have new joiners to our organisation and to help with that I've STARTED to put together a help guide to a basic pen test, including what requirements are need for the test, tools to use on what, syntax, links to their sites etc.. I'm basically after:


Constructive Feedback

Helpful tips and pointers:

   Tools and Syntax for other ports not listed

   (I've done about 25 services so far)

   Other Suggestions


Its available here:

http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html


Its very busy, but I'm trying to be as verbose as possible to provide as much info as possible. Basically a one-stop shop for a newbie


I've used freemind (thanks for the pointer nebs) http://freemind.sourceforge.net/wiki/index.php/Main_Page

to generate this and I'm hoping may prove useful and a good reminder when I forget.


Hope this helps. TIA


Toggmeister

http://www.vulnerabilityassessment.co.uk

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------


------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------


------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]