RE: which is next step after using tools in penetration testing?

["Rafael Torrales Levaggi" <rtorrales () novared cl>]

Im almost 100% agree with that.
But I don't use remote exploits without testing it on local.
So, me advise is... 

If you are going to try an exploit, try to obtain a local copy of the
victim software first, and use the exploits on a lab.
Always read the code, at least it comments, its common of exploit
writers to include bugs in their code.

Otherwise... you will look like a monkey with a knife.

Saludos.


Btw: The next step is document all the process..



-----Mensaje original-----
De: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
En nombre de m.amit30 () gmail com
Enviado el: Sunday, March 01, 2009 5:17 PM
Para: security-basics () securityfocus com
Asunto: Re: which is next step after using tools in penetration testing?

hi manoj,
 To exploit a system you have to know the right vulnerability and right
exploit.to change exploit according to your needs you must have to know
how to generate opcodes..and for this one helpful tool is metasploit and
u can download exploits from milw0rm dot com..

Regards 
amit malik