RE: Pentesting lab
- From: "Swaminathan, Balaji" <Balaji.Swaminathan@xxxxxxxxxxxxxx>
- Date: Thu, 31 Dec 2009 00:33:20 +0530
Just curious to know if there are any distros for Windows like DVL for
Linux Probably with all the necessary packages like SQL, IIS, Exchange,
ASP/Dot Net etc inbuilt...?
Would be really great if someone can throw light on this.
Regards,
Balaji Swaminathan .M
-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of Robert Portvliet
Sent: Tuesday, December 29, 2009 5:41 AM
To: s3c.b3n
Cc: pen-test@xxxxxxxxxxxxxxxxx
Subject: Re: Pentesting lab
In terms of webapp testing there's GOAT from OWASP, MOTH from Bonsai
Sec, Mutillidae from IronGeek, DVWA (Damn Vulnerable Web App) and the
'HackMe' series from Foundstone.
On the network side there's the De-ICE LiveCD's and DVL (Damn
Vulnerable Linux), also VMWare's marketplace has a bunch of VM images
you can download.
On Thu, Dec 24, 2009 at 9:09 AM, s3c.b3n <securitybender@xxxxxxxxx>
wrote:
Hi all,------------------------------------------------------------------------
I'm just starting my career a security specialist. I'm interested in
creating my own penetration testing lab. To test exploits (metasploit
epically) I need some targets (vulnerable servers). Are there such
servers (VM images or ISOs) for general services like OWASP for web
apps? or are there any scripts or applications that can create those
vulnerabilities.
My main goal is to get familiar with the existing tools.
Thanks
--
s3c b3n
This list is sponsored by: Information Assurance Certification ReviewBoard
actually do a proper penetration test. IACRB CPT and CEPT certs require
Prove to peers and potential employers without a doubt that you can
a full practical examination in order to become certified.
------------------------------------------------------------------------
http://www.iacertification.org
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review
Board
Prove to peers and potential employers without a doubt that you can
actually do a proper penetration test. IACRB CPT and CEPT certs require
a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------
- Follow-Ups:
- Re: Pentesting lab
- From: Prince Pro
- RE: Pentesting lab
- From: Elliot Fernandes
- Re: Pentesting lab
- From: s3c.b3n
- Re: Pentesting lab
- Prev by Date: Properly Arp Cache Poisoning
- Next by Date: WASC Announcement: WASC Threat Classification v2.0 Published
- Previous by thread: Re: Pentesting lab
- Next by thread: Re: Pentesting lab
- Index(es):
Relevant Pages
|
