|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
christopher.riley
r-it.at
Date: Thu Sep 11 2008 - 01:49:05 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
It's hard to give a list of definitive tools because the base toolset is
so large and always changing.
I'd say the best bet would be to become familiar with Linux and the built
in tools (i.e. Netcat, tcpdump, etc) before moving onto things like
Nessus/openVAS and maybe Metasploit (once you understand what the exploits
do). Spending some time understanding the underlying protocols stack and
how DNS, TCP/UDP, ICMP work helps a lot as well (playing about with HPING
and tcpdump helps to learn this as you can send packets and see what goes
out and comes back in).
Also check out the various methodologies to get an overview on the
penetration testing process (OSSTMM or NIST 800-42 for example).
http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html is also a
good resource.
Chris
pen-test-return-1078487087securityfocus.com
Gesendet von: listbouncesecurityfocus.com
11.09.2008 01:34
An
pen-testsecurityfocus.com
Kopie
Thema
Tools to use for Penetration Testing?
Hello
I am interested in getting started as a white hat hacker/pen tester.
I would like to know what tools I should get familiar with, and be
able to use to be a pen-tester.
I only know of a few at the moment, and of them, I only use 2 (NMap
and Wireshark).
Can I please receive recommendations on tools to use?
Thanks in advance,
Chip Panarchy
PS: I am currently in training towards my CCNA and (maybe) MCSE.
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides
www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------
----------------------------------------
Raiffeisen Informatik GmbH, Firmenbuchnr. 88239p, Handelsgericht Wien, DVR 0486809, UID ATU 16351908
Der Austausch von Nachrichten mit oben angefuehrtem Absender via E-Mail dient ausschliesslich Informationszwecken. Rechtsgeschaeftliche Erklaerungen duerfen ueber dieses Medium nicht ausgetauscht werden.
Correspondence with above mentioned sender via e-mail is only for information purposes. This medium may not be used for exchange of legally-binding communications.
----------------------------------------
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides
www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]