Home page logo

pen-test logo Penetration Testing mailing list archives

Article on Pentesting Study Frameworks
From: Felipe Martins <martins.felipe.security () gmail com>
Date: Fri, 15 Apr 2011 00:19:17 -0300

Hi there,

I'm planning on developing an article about pentest study frameworks, with a full description and test on each one. Till now I've traced the following:

  . WEB
- WebGoat, (https://www.owasp.org/index.php/Category:OWASP_WebGoat_Project)
     - Gruyere (antigo Codelab), (http://google-gruyere.appspot.com/)
     - DVWA (Damn Vulnerable Web App), (http://www.dvwa.co.uk/)
     - Hacme, (http://hacmegame.org/)
- Multilidae, (http://www.irongeek.com/i.php?page=security/mutillidae-deliberately-vulnerable-php-owasp-top-10)
  . War Games
     - Hack This Site (http://www.hackthissite.org/)
     - Over the Wire (http://www.overthewire.org/wargames/)
  . Insecure Distributions
- Metasploitable, (http://blog.metasploit.com/2010/05/introducing-metasploitable.html) - de-ICE, (http://de-ice.net/hackerpedia/index.php/De-ICE.net_PenTest_Disks) - Moth (Bonsai Security Software), (http://www.bonsai-sec.com/en/research/moth.php)
     - PwnOS, (http://www.neildickson.com/os/)
     - DVL, (http://www.damnvulnerablelinux.org/)

    Do you happen to know any other pentest study framework ?

Thanks in advance.

Felipe Martins
Security Analyst

Skype: martins.felipe
URL: http://www.felipemartins.info/
E-mail: martins.felipe.security () gmail com

This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]