Jürgen R. Plasser wrote:
> Hi All,
>
> How do you document and log the pentest session itself?
>
> I want to document the pentest process in detail, not only for the
> customer, but for later reviews and to avoid legal difficulties.
>
> What are the best tools to accomplish that or do you even record the
> sessions on video with a camcorder? Or some kind of screen recorder?
>
> Thanks,
>
> Jürgen
Same as when you do forensics, record the whole session, input and
output, write it out to a text file, file command and last commands are
time/date.
Then provide an md5 of the whole thing.
Cheers
--
Gareth Davies - ISO 27001 LA, OPST
Manager - Security Practice
Network Security Solutions MSC Sdn. Bhd.
Suite E-07-21, Block E, Plaza Mont' Kiara, No. 2 Jalan Kiara,
Mont’ Kiara, 50480
Kuala Lumpur, Malaysia
Phone: +603-6203 5303 or +603-6203 5920
www.mynetsec.com
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
Received on Oct 02 2006
Intro
