Penetration Testing mailing list archives
Re: One Big Review, One Small Script?
From: Jose Nazario <jose () biocserver BIOC cwru edu>
Date: Thu, 8 Nov 2001 13:39:27 -0500 (EST)
On Tue, 6 Nov 2001, Scott Seglie wrote:
I'm sure there is a more efficient way to do this. I realize that there is research involved and hands on (work must be done...but for the initial information gathering, is anyone going about it a different way? Maybe a series of scripts?
you may want to look into expect scripting this, ie conditional executions, interactions, etc ... CORE SDI is working on a new tool, Impact, which is based on their research on automated pen testing. they have made many presentations on it, including at blackhat this year. http://www.core-sdi.com/solutions/core_impact.html http://www.blackhat.com/ VERY cool stuff, these guys are REALLY bright. worth checking out, even if only to get some ideas. ____________________________ jose nazario jose () cwru edu PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80 PGP key ID 0xFD37F4E5 (pgp.mit.edu) ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- One Big Review, One Small Script? Scott Seglie (Nov 08)
- Re: One Big Review, One Small Script? Jose Nazario (Nov 08)
- Re: One Big Review, One Small Script? Alla Bezroutchko (Nov 19)
- <Possible follow-ups>
- Re:One Big Review, One Small Script? bluefur0r bluefur0r (Nov 08)