Threat Level: green Handler on Duty: Russell Eubanks

SANS ISC: Pentesting Tools & Checklists for you - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Pentesting Tools & Checklists for you
After conducting PT's over many years i have a nice collection of self made windows and linux tools (a few i already shared here: http://www.netprotect.ch/tools.html) which help you to conduct penetration tests. They cover some aspects which tool collections like backtrack or other cool dev's like nessus, metasploit couldn't do for me. All of them have never been published before. I will release five of each per month including source code to code.google. Here are some of the first uploads:

http://code.google.com/p/dns-information-gathering-tool/
http://code.google.com/p/android-security-demo-app/
http://code.google.com/p/ipv6-portable-portscanner/
http://code.google.com/p/smtp-security-scanner/
http://code.google.com/p/swat-web-security-scanner/

Since having the right tools is only a small part in doing pentests i also want to share something i have been working on with friends since many years and which i will upload soon: a web based plattform running within vmware that allows you to create your own testing checklists for auditors. you can integrate existing tools into the plattform, generate word reports for your tests and much much more. It helps to ensure some sort of a testing standart. I integrated all my checklists into the system and hope that many people will participate in uploading their checks to GTTA soon so every1 can win from such a plattform. Here is a sneak preview...please check it out and leave me your feedback to oli.muenchow [at] gmail [dot] uknowtheTLD.

http://www.netprotect.ch/GTTA.pdf
Anonymous

Sign Up for Free or Log In to start participating in the conversation!