Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Rob Fuller (jd.mubixgmail.com)
Date: Tue Oct 29 2013 - 23:37:35 CDT
Meh, same questions are always asked of pretty much any purchase IT or not.
1. Does it do what I need it to do (give me control of the system)
2. Is it reliable (switching protocols and comm methods is a technical
3. Does it have enough oomph (highly technical term, amount of
I doubt very many pentesters will be asking for the features you have
described any time soon. I fear the day when pentesters start asking
FLAME/STUXNET questions like "Which $hardware/$software do you have a
Rob Fuller | Mubix
Certified Checkbox Unchecker
Room362.com | Hak5.org
On Fri, Oct 25, 2013 at 1:34 PM, David Maynor <daveerratasec.com> wrote:
> And also "How many exploits does it have?"
> Not everybody is a exploit expert and someone in the chain of command will
> ask if your arbitary value A is larger than competitors arbitrary value A.
> On Oct 25, 2013, at 11:54 AM, Dave Aitel <daveimmunityinc.com> wrote:
> > The future of penetration testing tools is coming up quickly, and all
> > the questions have changed on you.
> > For example, it used to be that you would ask:
> > o "How many exploits does it have?"
> > o "How fast can it scan a class B?"
> > o "Can it connect back over HTTPS?"
> > o "Can it bounce from host to host within the internal network?"
> > o "Can you automatically choose the right client side attack when people
> > connect to you?"
> > o etc
> > But here are some of the ones we're asking the INNUENDO dev team, which
> > I think are representative of the post FLAME/STUXNET world:
> > o "Is the local persistence store configurable between the registry and
> > file system or other covert data storage?"
> > o "Can I reconfigure the callback protocol on the fly during a file
> > transfer - and does this automatically happen if my HTTPS callback gets
> > suddenly blocked or shut down?"
> > o "How does it handle Citrix?"
> > o "Is the covert file storage automatically encrypted to C&C or is it
> > plaintext or what?"
> > o "Can I store exploit modules encrypted on the machine until the C&C
> > asks for them to be used?" (http://www.securelist.com/en/blog/208193781/
> > o "Does it come with the ability to do raw socket injection on Windows 8
> > x64?"
> > o "How do I write a MITM module?"
> > -dave
> > _______________________________________________
> > Dailydave mailing list
> > Dailydavelists.immunityinc.com
> > https://lists.immunityinc.com/mailman/listinfo/dailydave
> Dailydave mailing list
Dailydave mailing list