Re: Network Exploitation Tools

From: Andy Cuff (lists@securitywizardry.com)
Date: Sat Sep 04 2004 - 17:39:28 EDT


Hi Ivan,
http://securitywizardry.com/exploit.htm
Thanks for the response, I agree with you that the functionality of the
three products varies greatly, but it is because of their value that I
wanted to break them away from being categorised as merely network
vulnerability scanners. Any more granular and I'd have had to create a
separate category for each product. I hope that the current placement will
be seen as a compromise until other products arrive on the scene that may
warrant further distinctions.

Cheers
-andy cuff
Talisker's Computer Security Portal
Computer Network Defence Ltd
http://www.securitywizardry.com
----- Original Message -----
From: "Iván Arce" <ivan.arce@coresecurity.com>
To: <pen-test@securityfocus.com>
Sent: Thursday, September 02, 2004 11:41 PM
Subject: Re: Network Exploitation Tools

> darbean@cetin.net.cn wrote:
>
> > In-Reply-To: <200408191906.45416@M3T4>
> >
> >
> >
> >Would you please give me any hints for the keyword to search
> >the so-called "fuzzing/exploit frameworks" and "complete pen-test
> >framework" as you mentioned? I am interested and just can't find
> >what you mentioned by Google :( As I know, Core Impact had ever
> >declared to be an "Automated Pen-test Framework" in its early
> >version. In the meaning of covering the whole proceeding of pen-test
> >from scanning to exploiting, "exploits framework" should be the main
> >important part of "pen-test framework".
> >
>
> Well, that is at least debatable
>
> Since you mention CORE IMPACT I'd like to point out some differences
> and some concepts around it.
>
> CORE IMPACT covers the entire process of a network penetration-test
> according to our own methodology. Everybody has one, right? We call
> ours RPT (Rapid Penetration Test) and we believe it does cover most
> of current best-practices around network pentesting.
>
> But I believe it would be a consensus that as part of a penetration
> test you need to do some sort of information gathering and network
> fingerprinting of the target network, find and exploit vulnerabilities,
> leverage access on compromised systems to escalate privileges and/or
> compromise other systems that were not accessible from the original
> attacker's launching pad, produce deliverables (reports) and leave
> everything as it was before you started the penetration test (clean
> up of tools and other stuff you changed/uploaded to compromised
> systems).
>
> Exploits and exploit-frameworks are an important part of that
> entire process, but not the only part and perhaps not even the
> most important one.
>
> In the case of CORE IMPACT, we try to cover and automate the entire
> process, the exploits (local and remote) bundled are used in
> that process and you can use them manually as well.
>
> Also note that an "exploits framework" can be used for things other
> than just penetration testing such as testing IDSes and firewalls
> or weeding out false positives/negatives from vuln. scanners and
> patch deployments.
>
> It might or might not be appropriate to put Metasploit, CANVAS and
> CORE IMPACT on the same category, but they do have huge differences
> in functionality, feature set, usability, support and maturity.
>
> The common denominator is that the three of them ship with exploit
> code.
>
> -ivan
>
>
> ---
> To strive, to seek, to find, and not to yield.
> - Alfred, Lord Tennyson Ulysses,1842
>
> Ivan Arce
> CTO
> CORE SECURITY TECHNOLOGIES
>
> 46 Farnsworth Street
> Boston, MA 02210
> Ph: 617-399-6980
> Fax: 617-399-6987
> ivan.arce@coresecurity.com
> www.coresecurity.com
>
> PGP Fingerprint: C7A8 ED85 8D7B 9ADC 6836 B25D 207B E78E 2AD1 F65A
>
>


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:04 EDT