RE: The Ultimate Toolkit...

From: Pete Herzog (pete_at_isecom.org)
Date: 05/07/04

    To: "Mark Melonson" <blindtechie@yahoo.com>, <pen-test@securityfocus.com>
    Date: Fri, 7 May 2004 11:46:14 +0200
    
    

    Hi,

    I think this really depends on your goal, doesn't it? You've mixed a
    few things here and it looks like you're MSWindows focused (plus
    Knoppix for the Linux tools you need). While it's a "fun" question, I
    think it's probably a little too open-ended.

    I think there are a few others looking to answer a similar question.
    Although there are many good LiveCD and LiveDisk releases
    (http://www.linuxlinks.com/Distributions/LiveCD/), I like what Local
    Area Security is doing (localareasecurity.com) with their Linux on CD
    release, and they're very receptive to improvements. Actually, we're
    trying to find more help for them to do some interesting things. I
    would like to have their little distro for use in our Hacker
    Highschool Project.

    Anyway, in this toolkit format, I would like to see:

    1. The distro have a running DB which collects tool outputs from all
    the tools it contains, meaning it has tables to support them by
    default.

    2. The distro contain the Mosix kernel patch so I can use it for
    distributed computing regardless of the other systems around me for
    password cracking and other cpu-intensive activities like datamining
    the document grinding output.

    3. Ability to use and update things from my choice location like
    nessus plug-ins, SAINT and SARA updates, Nikto updates, virus
    signatures, snort sigs, etc.

    4. The ability to make mini versions of itself on the fly (like boot
    disk or USB key) for harnessing the power of PCs without CD drives.

    5. The ability to save data to a USB key, disk, or alternative
    location on the network for data correlation (especially if used as
    localized NIDS within a large network for forensic tracking).

    6. Access to an online exploit database (or to tell it where to find
    one).

    7. Honeynet AND Honeytoken capabilities using a ram drive or external
    source to look local. So I can boot up a honeypot on some network
    machine and have it point to a load of honeytoken Excel sheets, memos,
    or warez we can track through the IDS somewhere on the network or
    Internet but it looks like it is coming from the honeypot.

    And more but I don't have the list in front of me....

    Most of the tools I am looking for would be the kind that you'll find
    on most top 50 tools lists but what's important is that I have the
    ability to create, send, and receive any type of packets, do local and
    network forensics, do local and network intrusion detection, create
    exploits, compile new tools, run Windows tools (WINE enabled?), and
    facilitate my analysis as much as my data collection and testing.

    These Live distros are interesting tools but they need to get more
    creative and start being building blocks for the pen testers to be
    creative with.

    Perhaps we'll be looking at "LiveDVDs" but then again, why not? They
    are just as easily burned and passed around (but downloading might take
    a little while).

    Sincerely,
    -pete.

    Pete Herzog, Managing Director
    Institute for Security and Open Methodologies
    www.isecom.org - www.osstmm.org
    www.hackerhighschool.org - www.isestorm.org

    > -----Original Message-----
    > From: Mark Melonson [mailto:blindtechie@yahoo.com]
    > Sent: Thursday, May 06, 2004 22:46 PM
    > To: pen-test@securityfocus.com
    > Subject: The Ultimate Toolkit...
    >
    >
    > Hi all,
    >
    > I'm researching tools, and would like input on what
    > your ultimate toolkit would be. I'm attempting to
    > put together some resources! Be as specific as
    > possible. I'm looking for tools that are somewhat
    > portable, i.e. can be put on a CD and used w/o an
    > install. For all platforms...
    >
    > My list:
    >
    > (OS Independent):
    > -- Knoppix-STD
    > (Windows):
    > -- ntchpw [bootdisk]
    > - NetCat (duh!)
    > - RegAgeR (Automated enumeration and exploitation
    > against weak Registries)
    > - Scanline
    > - Fpipe
    > - Fport
    > - Achilles

    ------------------------------------------------------------------------------
    Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
    any course! All of our class sizes are guaranteed to be 10 students or less
    to facilitate one-on-one interaction with one of our expert instructors.
    Attend a course taught by an expert instructor with years of in-the-field
    pen testing experience in our state of the art hacking lab. Master the skills
    of an Ethical Hacker to better assess the security of your organization.
    Visit us at:
    http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    -------------------------------------------------------------------------------
