RE: Penetration tool kit

From: Yan Bellerose (yan.bellerose@ubisoft.com)
Date: Thu Mar 16 2006 - 12:52:19 EST

Hi,

   On a Windows base, you can try with GFI Languard: Network Security Scanner http://www.gfi.com, Very usefull tools to find Velnerabilities, network share, active policies, users, application and a lot of stuff. The only problem, it's not free, but you can have a test version.
 
Yan

 
-----Original Message-----
From: Huzeyfe Onal [mailto:huzeyfe.onal@gmail.com]
Sent: 16 mars 2006 01:09
To: b1ivrj77
Cc: pen-test@securityfocus.com
Subject: Re: Penetration tool kit

Hi,
maybe it's a good idea to start with Backtrack Security CD(www.backtrack.org).
You can use all useful UNIX/Linux based security tools without no pain to install.

On 3/16/06, b1ivrj77 <philippe.rivest@sympatico.ca> wrote:
>
> I have read over the internet, books, pdf's and talk with a lot of
> people about security, hacking, cracking and pen-testing. Every time
> we always talk about the "Personal tool kit" that every one uses, may
> it be a complete or incomplete tool kit, the best or worst we all have
> some tools we like to use. Well I don't.
>
> I would'nt say I'm new to security but I can be so bold as to say, I'm
> good with theorical knowledge but pretty poor with practical ones. I
> want to start few pen-test on my own machine (to learn stuff up) at
> home and I'm not afraid of reading or learning things. But finding the
> right tool for the right job is for me the most difficult task in security.
>
>
> I see two approaches to my problem and I can explain them both with:"
> Give a man a fish; he is feeded for a day. Teach him how to fish, he
> is feed for life".
>
> I would like to know where I could find info & tip's on a Pen-tester
> tool box. And I do favor knowledge over script-kidding,
>
> Here the knowledge tool box I have:
>
> www.insecure.org
> http://www.securityfocus.com/
> http://www.sans.org/
> http://www.isecom.org/
> http://www.networkintrusion.co.uk/hacking.htm
> http://www.iss.net/
> http://www.defcon.org/
> http://www.snort.org/
> http://www.blackhat.com/
> http://www.whitehatsec.com/
>
> For the tool part, i know:
>
> Nessus
> Nmap
> Nc (netcat)
> Ethereal
> Hping2
> Brutus
> Enum+
> AccessDiver (got that one today from a previous email, really happy)
> Nbtscan
>
> I use a Windows based laptop and my most trusted Mandriva based laptop
> (linux)
>
>
> Any help would be greatly appreciated.
>
>
>
> Philippe Rivest
> A security student (self student)
>
>
> ----------------------------------------------------------------------
> --------
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> As attacks through web applications continue to rise, you need to
> proactively protect your applications from hackers. Cenzic has the
> most comprehensive solutions to meet your application security
> penetration testing and vulnerability management needs. You have an
> option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm).
> Download FREE whitepaper on how a managed service can help you:
> http://www.cenzic.com/news_events/wpappsec.php
> And, now for a limited time we can do a FREE audit for you to confirm
> your results from other product. Contact us at request@cenzic.com
> ----------------------------------------------------------------------
> --------
>
> 

--
Huzeyfe ÖNAL
---
First Turkish Qmail book is out! Go check it.
Duydunuz mu! Turkiye'nin ilk Qmail kitabi cikti.
http://www.acikakademi.com/catalog/qmail/
------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security? 
As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). 
Download FREE whitepaper on how a managed service can help you: 
http://www.cenzic.com/forms/ec.php?pubid=10025
And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request@cenzic.com
------------------------------------------------------------------------------
------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security? 
As attacks through web applications continue to rise, you need to proactively 
protect your applications from hackers. Cenzic has the most comprehensive 
solutions to meet your application security penetration testing and 
vulnerability management needs. You have an option to go with a managed 
service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). 
Download FREE whitepaper on how a managed service can help you: 
http://www.cenzic.com/forms/ec.php?pubid=10025
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request@cenzic.com
------------------------------------------------------------------------------

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:42 EDT