Penetration Testing mailing list archives
Re: pentest documentation
From: IndianZ <indianz () indianz ch>
Date: Mon, 2 Oct 2006 22:39:42 +0200
Hi there You can use open source tools: - logging packets with tcpdump (tcpdump -i ethX -nv -s0 -w FILE.pcap -> additional you can use a net or host filter) - console-logging with script (script FILE.txt -> Ctrl+D for exit and save) - pipe the output from testing tools into a txt-file (or use a script with tee -a $log) my 5 cts, cheers, IndianZ http://www.indianz.ch On Mon, 02 Oct 2006 20:55:56 +0200 "Jürgen R. Plasser" <plasser () hexagon at> wrote:
David Swafford wrote:I have not used this personally but I have seen it demonstrated in an ethical hacker training: A commercial product by the name of Core Impact. It's capabilities are enormous as it can capture the entire packet flow, key commands, and all the necessary info and then break it out to nicely written reports. Link: www.coresecurity.com/products/coreimpact/I've heard of Core Impact and even tried to get a price info. Their sales dpt did not respond ... It would be nice to have some open source tools for this tasks. Jürgen ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- pentest documentation Jürgen R. Plasser (Oct 02)
- Re: pentest documentation David Swafford (Oct 02)
- Re: pentest documentation Jürgen R. Plasser (Oct 02)
- Re: pentest documentation Andres Riancho (Oct 02)
- Re: pentest documentation IndianZ (Oct 02)
- Re: pentest documentation Jason Ross (Oct 02)
- Re: pentest documentation Jürgen R. Plasser (Oct 03)
- Re: pentest documentation Jürgen R. Plasser (Oct 02)
- Re: pentest documentation David Swafford (Oct 02)
- Re: pentest documentation Tonnerre Lombard (Oct 03)
- <Possible follow-ups>
- Re: Re: pentest documentation krymson (Oct 02)
- Re: pentest documentation David Ball (Oct 03)