From: b1ivrj77 (philippe.rivest@sympatico.ca)
Date: Wed Mar 15 2006 - 18:58:35 EST
I have read over the internet, books, pdf's and talk with a lot of people
about security, hacking, cracking and pen-testing. Every time we always talk
about the "Personal tool kit" that every one uses, may it be a complete or
incomplete tool kit, the best or worst we all have some tools we like to
use. Well I don't.
I would'nt say I'm new to security but I can be so bold as to say, I'm good
with theorical knowledge but pretty poor with practical ones. I want to
start few pen-test on my own machine (to learn stuff up) at home and I'm not
afraid of reading or learning things. But finding the right tool for the
right job is for me the most difficult task in security.
I see two approaches to my problem and I can explain them both with:" Give a
man a fish; he is feeded for a day. Teach him how to fish, he is feed for
life".
I would like to know where I could find info & tip's on a Pen-tester tool
box. And I do favor knowledge over script-kidding,
Here the knowledge tool box I have:
www.insecure.org
http://www.securityfocus.com/
http://www.sans.org/
http://www.isecom.org/
http://www.networkintrusion.co.uk/hacking.htm
http://www.iss.net/
http://www.defcon.org/
http://www.snort.org/
http://www.blackhat.com/
http://www.whitehatsec.com/
For the tool part, i know:
Nessus
Nmap
Nc (netcat)
Ethereal
Hping2
Brutus
Enum+
AccessDiver (got that one today from a previous email, really happy)
Nbtscan
I use a Windows based laptop and my most trusted Mandriva based laptop
(linux)
Any help would be greatly appreciated.
Philippe Rivest
A security student (self student)
------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security?
As attacks through web applications continue to rise, you need to proactively
protect your applications from hackers. Cenzic has the most comprehensive
solutions to meet your application security penetration testing and
vulnerability management needs. You have an option to go with a managed
service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm).
Download FREE whitepaper on how a managed service can help you:
http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com
------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:41 EDT