RE: Newbie Hacker Tools

skill2die4_at_secguru.com
Date: 01/07/05

  • Next message: Ansgar -59cobalt- Wiechers: "Re: ssh key problem"
    Date: Fri, 7 Jan 2005 13:28:45 -0600 (CST)
    To: security-basics@lists.securityfocus.com
    
    

    This discussion reminded me of a quote from "Michael Sinz" :

    "Programming is like sex, one mistake and you have to support it for the
    rest of your life."

    Probably the same can be said for blindly using hacking/pentesting tools
    against clients ! Be intelligent and do a lot of RTFM before using these
    tools against anyone. :-) <<happy hacking>>

    Nessus
    ----------
    Introduction (article) - http://www.securityfocus.com/infocus/1741
    Scanning (article) - http://www.securityfocus.com/infocus/1753
    Nessus Network Auditing (book) - check amazon !
    Nessus Primer with the NessusWX Client -
    http://www.sans.org/rr/whitepapers/tools/1464.php

    Nmap
    -------
    Manpage - http://www.insecure.org/nmap/data/nmap_manpage.html
    NMAP: under the hood - http://www.secguru.com/forum/viewtopic.php?t=68
    introduction to nmap - http://members.dodo.net.au/~ps2man/Nmap/nmap.html

    And .. a nmap-nessus combined cheatsheet, which would help you till the
    time you dont cram up all those cmd options ;-)

    http://www.secguru.com/nessus-nmap-cheatsheet.html

    HTH,

    -=skillz=-

    .


  • Next message: Ansgar -59cobalt- Wiechers: "Re: ssh key problem"

    Relevant Pages

    • Questions: nmap, nessus unreliability, setting up a packet capture box, using Impacket
      ... How reliable have people here found nmap and nessus to be? ... encountered cases of nmap not finding ports, ... to facilitate one-on-one interaction with one of our expert instructors. ...
      (Pen-Test)
    • Re: Importing Security Product Output Into A Database
      ... A very incomplete list would include nmap, nessus, cisco, tipping point IPS, AD servers, syslog and checkpoint. ... Can you give examples about good SIM tools that do the work? ...
      (Security-Basics)
    • Re: Tool for sending malicious traffic to destination system
      ... scapy for packet crafting attacks, ... with nmap for packet crafting, ... automated tools like Nessus for a penetration test. ... If your goal is to spoof, ...
      (Pen-Test)
    • Re: Open ports
      ... Yaa I found this typical behavior with NMap & Nessus earlier when I did PT-VA. ... In that case it was because of the Weak configuration/Defect in Client's Application Proxy. ... Get 45 Min Video and PPT Slides ...
      (Pen-Test)
    • [SLE] Still having problems with Nessus/nmap on SuSE 9.0
      ... Nessus, a tool we rely on here to test servers before they go live, does ... Mads just posted an rpm of nmap 3.50 for me to try, ... I have been in contact with SuSE tech support who tell me ... but mostly it was "Complain to SuSE and get them to fix their kernel". ...
      (SuSE)