Penetration Testing mailing list archives

Re: Gear


From: "kevin horvath" <kevin.horvath () gmail com>
Date: Mon, 13 Aug 2007 15:14:28 -0400

personal preference but typically:

network:
  2 laptops and remote access to beefy server with rainbow tables

wireless:
  2 laptops
  multiple (at least 2) wireless cards supporting RFMON and injection and at least one for enterprise/AP mode
  additional standalone AP for leaving onsite to dump/redirect traffic ie other bad stuff during a longer engagement
  antennas and pigtails
  optional PDA for those covert walkabouts of the facility
  gps/gps dongles
  battery converter for wardrive
  - can go kind of crazy with RFID devices and bluetooth hardware so will leave this alone

voip:
  can use ip phones but softphones will do the same and limit the things to carry
  can bring your own switch but really not necessary as there are a lot better software programs out there for sniffing/vlan hopping/stp,vtp,cdp injecting etc.

app:
  no additional hardware

hope this helps.  This is all hacker preference and you will learn on
the job or from more experienced testers you work with.

Kevin

On 8/13/07, Peter Manis <manis () digital39 com> wrote:
For your most common types of jobs or any type of job

On 8/13/07, kevin horvath <kevin.horvath () gmail com> wrote:
What type of pen testing are you referring to?  wireless, network, app,
voip, etc?

Kevin

On 8/11/07, Peter Manis <manis () digital39 com> wrote:

What do you carry with you when you are on the job?  I watched a video
from Iron Geek showing multiple laptops, PDAs, etc and I was curious
what items you have found to be important when going on the job.  In
movies they show the glitz and glamor side of things with rollup
keyboards and gadgets most people probably don't need, but do any of
those things come in handy often enough to take them?

At the risk of being laughed at have you heard of people going as far
as bringing sonic ear type devices or similar surveillance devices to
pull information that way?

Please keep in mind I am very new to the world of pen testing so I
really don't know what situations you can get into other than what I
have heard, but I also heard the world was flat.

PM


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads

------------------------------------------------------------------------





