RE: pentest documentation

From: Jason M Frey (jmfrey@jcpenney.com)
Date: Tue Oct 03 2006 - 10:07:03 EDT


On UNIX/LINUX console sessions, use "script" and output to a text file. Use the "date" command to output the date and time of events (prior to running a command).

On Windows use a screen capture program, such as Snagit, and perform a capture of the screen at periodic intervals. Snagit allows you to take a screen capture automatically at periodic intervals (every 1 minute, 30 seconds, etc.). It also does video and text captures. However, for video captures, Camtasia is a better option. Both are provided by TechSmith.

Always use the logging features embedded into the tools you are using.

If you want to capture network traffic, Wireshark (formerly Ethereal) or tcpdump should be able to do this for you.

Use an md5 hash on the files or store them in an archive (zip, rar, etc.) and md5 the entire archive. I recommend storing the files/archive on a CD using a TrueCrypt (open-source) volume for encryption. This protects you and the client.

Jason
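The UNIX side of the procedure above (a `script` transcript named by `date`, an md5 manifest over the collected files, and an md5 over the sealed archive), written out as a set of shell functions. This is an added example, not code from the original post; it assumes GNU coreutils `md5sum` and util-linux `script`, and the directory layout (`./evidence`, `MANIFEST.md5`) is a choice made here, not something the post specifies.

```bash
#!/bin/sh
# Added example (not from the original post). Assumes POSIX sh, GNU coreutils
# (md5sum, find, sort, tar) and util-linux `script`. Paths below are assumptions.

# Start a console recording whose filename carries the UTC start time.
# `script` needs a terminal, so this is meant to be run interactively.
# Inside the recorded session, type `date` before each command to stamp it.
start_session_log() {
    logdir="${1:-./evidence}"
    mkdir -p "$logdir"
    stamp=$(date -u +%Y%m%dT%H%M%SZ)
    # -a appends to an existing log, -f flushes after every write so a
    # crashed session still leaves a complete transcript on disk.
    script -a -f "$logdir/session-$stamp.log"
}

# Write MANIFEST.md5 inside an evidence directory: one md5 line per regular
# file (the manifest itself excluded), sorted by path so re-runs are stable.
make_manifest() {
    dir="$1"
    ( cd "$dir" && find . -type f ! -name MANIFEST.md5 -exec md5sum {} + \
        | LC_ALL=C sort -k 2 ) > "$dir/MANIFEST.md5"
    [ -s "$dir/MANIFEST.md5" ]
}

# Recompute every hash in MANIFEST.md5; exit status 0 only if nothing changed.
verify_manifest() {
    dir="$1"
    ( cd "$dir" && md5sum -c --status MANIFEST.md5 )
}

# Pack the evidence directory into a tar archive and md5 the whole archive,
# which is the "md5 the entire archive" step in the post (tar used here
# instead of zip/rar so the example runs with stock tools).
seal_archive() {
    dir="$1"
    out="$2"
    tar -cf "$out" -C "$(dirname "$dir")" "$(basename "$dir")"
    ( cd "$(dirname "$out")" \
        && md5sum "$(basename "$out")" > "$(basename "$out").md5" )
}

# Check the archive against its recorded md5; 0 if it still matches.
verify_archive() {
    out="$1"
    ( cd "$(dirname "$out")" && md5sum -c --status "$(basename "$out").md5" )
}
```

A typical run is `start_session_log ./evidence`, work, exit the `script` session, then `make_manifest ./evidence && seal_archive ./evidence ./evidence.tar` before the archive goes onto the encrypted volume. The same manifest layout works unchanged with `sha256sum` in place of `md5sum`, since both share the `-c --status` interface.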

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On Behalf Of "Jürgen R. Plasser"
Sent: Monday, October 02, 2006 12:04 PM
To: pen-test@securityfocus.com
Subject: pentest documentation

Hi All,

How do you document and log the pentest session itself?

I want to document the pentest process in detail, not only for the
customer, but for later reviews and to avoid legal difficulties.

What are the best tools to accomplish that or do you even record the
sessions on video with a camcorder? Or some kind of screen recorder?

Thanks,

Jürgen

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. If the reader of this message is not the intended recipient,
you are hereby notified that your access is unauthorized, and any review,
dissemination, distribution or copying of this message including any
attachments is strictly prohibited. If you are not the intended
recipient, please contact the sender and delete the material from any
computer.




This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:05 EDT