Re: Need help in making penetration testing tool

[baumgartner () oneconsult com]

Hi, 

Your idea of combining several functionalities is not so new. So called 
vulnerability management tools and systems (e.g. SkyBox) combine assessment 
tools like vulnerability scanners (e.g. Nessus, GFI Languard, Retina), port 
and network scanners (e.g. Nmap) with security patching funcionality. 

But the idea, to combine pen test tools with intrusion detection and 
prevention is knew (as far as I know). But I would not combine such 
functionalities because pen testing and IPS are following different 
approaches. A pen test searches for all (technical) security weaknesses and 
flaws in the target systems (configuration, firmware, os, applications, 
services in use, patching level, etc.). An IDP/IPS analyses the network 
traffic based on patterns. 

I would recommend to take a look at the open source tools nmap 
(www.nmap.org), nessus (www.nessus.org) and snort (www.snort.org) to have an 
idea of the complexity of state of the art security scanners and ids/ids. 
Maybe you might code a control cockpit for (open source) security scanners 
and idp/ips. 

Regards, 

Christoph Baumgartner 

--
OneConsult GmbH
IT Security & Strategic Consulting
Christoph Baumgartner
lic. oec. publ., OPST
CEO 

Zürcherstrasse 73, 8800 Thalwil, Switzerland
Tel.: +41 43 443 52 52 - Fax: +41 43 443 52 62
baumgartner () oneconsult com - www.oneconsult.com 


mh_omair () yahoo com writes: 

> HEllo;
>    By the way l I am new to  this list.... iam final year  student of computer science...my final year project is a penetration  testing tool.. actually we are trying to merge capabilites of both pen  test tool and IPS(not just providing testing but remedies too).. i  donot know if i 
> am thinking in wrong way....
>   I donot know where to start...please tell me some suggestion and resources that can  help me in my project...right 
> now i need good basics and then advance concept... i believe if i can pentrate a system than it would be easy to close 
> that doors for others.
>   
>   Waiting for poistive response..... 
>
> ------------------------------------------------------------------------------
> This List Sponsored by: Cenzic 
>
> Concerned about Web Application Security? 
> Why not go with the #1 solution - Cenzic, the only one to win the Analyst's 
> Choice Award from eWeek. As attacks through web applications continue to rise, 
> you need to proactively protect your applications from hackers. Cenzic has the 
> most comprehensive solutions to meet your application security penetration 
> testing and vulnerability management needs. You have an option to go with a 
> managed service (Cenzic ClickToSecure) or an enterprise software 
> (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can 
> help you: http://www.cenzic.com/news_events/wpappsec.php 
> And, now for a limited time we can do a FREE audit for you to confirm your 
> results from other product. Contact us at request () cenzic com for details.
> ------------------------------------------------------------------------------ 

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's 
Choice Award from eWeek. As attacks through web applications continue to rise, 
you need to proactively protect your applications from hackers. Cenzic has the 
most comprehensive solutions to meet your application security penetration 
testing and vulnerability management needs. You have an option to go with a 
managed service (Cenzic ClickToSecure) or an enterprise software 
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can 
help you: http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------