Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: Pentesting lab
From: "Swaminathan, Balaji" <Balaji.Swaminathan () kla-tencor com>
Date: Thu, 31 Dec 2009 00:33:20 +0530


Just curious to know if there are any distros for Windows like DVL for
Linux Probably with all the necessary packages like SQL, IIS, Exchange,
ASP/Dot Net etc inbuilt...?

Would be really great if someone can throw light on this.


Regards,

Balaji Swaminathan .M


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Robert Portvliet
Sent: Tuesday, December 29, 2009 5:41 AM
To: s3c.b3n
Cc: pen-test () securityfocus com
Subject: Re: Pentesting lab

In terms of webapp testing there's GOAT from OWASP, MOTH from Bonsai
Sec, Mutillidae from IronGeek, DVWA (Damn Vulnerable Web App) and the
'HackMe' series from Foundstone.

On the network side there's the De-ICE LiveCD's and DVL (Damn
Vulnerable Linux), also VMWare's marketplace has a bunch of VM images
you can download.





On Thu, Dec 24, 2009 at 9:09 AM, s3c.b3n <securitybender () gmail com>
wrote:
Hi all,

I'm just starting my career a security specialist. I'm interested in
creating my own penetration testing lab. To test exploits (metasploit
epically) I need some targets (vulnerable servers). Are there such
servers (VM images or ISOs) for general services like OWASP for web
apps? or are there any scripts or applications that can create those
vulnerabilities.

My main goal is to get familiar with the existing tools.

Thanks
--
s3c b3n


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review
Board

Prove to peers and potential employers without a doubt that you can
actually do a proper penetration test. IACRB CPT and CEPT certs require
a full practical examination in order to become certified.

http://www.iacertification.org

------------------------------------------------------------------------



------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review
Board

Prove to peers and potential employers without a doubt that you can
actually do a proper penetration test. IACRB CPT and CEPT certs require
a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]