From: Mark Ryan del Moral Talabis (talabis@gmail.com)
Date: Fri Jul 07 2006 - 02:56:34 EDT
Toggmeister,
Wonderful work. Perhaps this could evolve to a pentest model.
Cheers,
Ryan
Philippine Honeynet Project
http://www.philippinehoneynet.org
6 Jul 2006 19:08:58 -0000, Toggmeister@vulnerabilityassessment.co.uk
<Toggmeister@vulnerabilityassessment.co.uk>:
> Hi,
>
> I've been pen testing for a few months now and find that with all the tools out there and which tool to use on what I lose track. We also have new joiners to our organisation and to help with that I've STARTED to put together a help guide to a basic pen test, including what requirements are need for the test, tools to use on what, syntax, links to their sites etc.. I'm basically after:
>
>
> Constructive Feedback
>
> Helpful tips and pointers:
>
> Tools and Syntax for other ports not listed
>
> (I've done about 25 services so far)
>
> Other Suggestions
>
>
> Its available here:
>
>
> http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html
>
>
> Its very busy, but I'm trying to be as verbose as possible to provide as much info as possible. Basically a one-stop shop for a newbie
>
>
> I've used freemind (thanks for the pointer nebs) http://freemind.sourceforge.net/wiki/index.php/Main_Page
>
> to generate this and I'm hoping may prove useful and a good reminder when I forget.
>
>
> Hope this helps. TIA
>
>
> Toggmeister
>
> http://www.vulnerabilityassessment.co.uk
>
> ------------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
> Choice Award from eWeek. As attacks through web applications continue to rise,
> you need to proactively protect your applications from hackers. Cenzic has the
> most comprehensive solutions to meet your application security penetration
> testing and vulnerability management needs. You have an option to go with a
> managed service (Cenzic ClickToSecure) or an enterprise software
> (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
> help you: http://www.cenzic.com/news_events/wpappsec.php
> And, now for a limited time we can do a FREE audit for you to confirm your
> results from other product. Contact us at request@cenzic.com for details.
> ------------------------------------------------------------------------------
>
>
-- The Philippine Honeynet Project http://www.philippinehoneynet.org ------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request@cenzic.com for details. ------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:14 EDT