Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: WHERE DO YOU KEEP YOUR EXPLOIT ARCHIVE AND DATABASE

from [Jerry Shenk] Network Security [Permanent Link]
Subject: RE: WHERE DO YOU KEEP YOUR EXPLOIT ARCHIVE AND DATABASE
Date: Fri, 11 Feb 2005 11:13:44 -0500 
The whoopix live CD has a TON of stuff on it.  You might want to throw
that in your arsenal.  Obviously it won't have everything but, it does
have quite a bit.  One downside for what you're doing is that the entire
CD is an image so getting the files without booting the CD is more
difficult.  You might want to boot the CD, pull off the pentest library
and put that uncompressed on another CD that could be easily popped into
any running machine.

http://www.whoppix.net/download.php


-----Original Message-----
From: Steve A [mailto:steve@logicallysecure.org] 
Sent: Thursday, February 10, 2005 8:52 PM
To: pen-test@securityfocus.com
Subject: WHERE DO YOU KEEP YOUR EXPLOIT ARCHIVE AND DATABASE


Please excuse this pen testing admin type question . . . .
 
We are looking to undertake a series of penetration tests in areas that
preclude easy access to the internet (you know searching etc on the way
in and limited media movement both in and out).  
 
Now, although we keep our proven exploits with us on read only media, I
was wondering how others manage to identify what is exploitable and what
is not especially as you never know what you are going to find.
Basically, I am looking to build a database (hosting software tbd) and
was looking to see how others have tackled the problem of so many
exploits/vulnerabilities being out there and knowing what notices to
include and what to exclude.
 
Thanks
 
Steve A
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Data Mining for PIX Firewall Logs, Hill, Keith (Contractor)
Next by Date:  Advice for a spreadsheet macro that calls home?, marc spamcatcher
Previous by Thread:  WHERE DO YOU KEEP YOUR EXPLOIT ARCHIVE AND DATABASE, Steve A
Next by Thread:  Re: WHERE DO YOU KEEP YOUR EXPLOIT ARCHIVE AND DATABASE, K-OTiK Security
Indexes:  [Date] [Thread] [Top] [All Lists]