Professional Documents
Culture Documents
Best of Network Penetration Testing Tools
Best of Network Penetration Testing Tools
Penetration Testing
Tools
January 2009
PaulDotCom Enterprises
- PaulDotCom Security Weekly Podcast
PaulDotCom Community
- Forum, IRC, Hack Naked TV, Wiki, Mailing List
http://pauldotcom.com/events/
http://pauldotcom.com January 2009
The Challenge
- Service identification
- OS identification
- Traceroute
- Supports IPv6!
http://pauldotcom.com January 2009
Nmap (2)
- ./configure --with-smbmount
Other Tools
- http://oss.coresecurity.com/projects/pshtoolkit.htm
- http://www.truesec.com/PublicStore/catalog/Downloads,
223.aspx
Well.. No.
Check out Mark Baggetts site
- http://markremark.blogspot.com/2008/12/msfencoding-
tips-and-sans-cdi.html
Psychology
- Test multiple accounts with one password
- Arp spoofing
- Network sniffing
- Wireless scanning
- VoIP
http://pauldotcom.com January 2009
Cain & Abel (2)
Why?
- Effectively become a connection relay
RDP MITM
- Sniff, ARP scan, spoof (or span port)
- Detects RDP sessions, Displays under APR
- May throw a warning to the user
- Who says yes anyways? Yes, just about everyone...
Captures output from RDP session (including keystrokes)
- Stores in c:\Program Files\Cain\RDP
- Output not friendly
- Try IronGeeks output parser for typed commands: http://
www.irongeek.com/i.php?page=security/cain-rdp-mitm-parser
VOIP Sniffing
- Sniff, ARP scan, spoof (or span port)
Presentations: http://pauldotcom.com/
presentations.html
Forum: http://forum.pauldotcom.com/
Email: psw@pauldotcom.com