I like running PVS when I can, if not I will run tcpdump. It's good to have a packet log if you are doing anything deep. Not just from a CYA standpoint but also a "wow I suddenly have a password file and I don't know what I did to get it" log. I cannot count the number of times an app assessment hit serious pay dirt just messing around with wget and it took hours for me to notice let alone reproduce. PVS would have flagged a passed file download.
> On Aug 28, 2013, at 10:06 AM, Ron Gula <[email protected]> wrote: > > I've also gotten requests to run the Passive Vulnerability Scanner during > pen tests (or more exactly, before the pen test) from a variety of folks > who do that sort of thing for a living. > > Since it is a sniffer, if you can get it deployed ahead of time, you can get > a great deal of intelligence without impacting anyone and have a very > good sense of your targets and vulns before you start exploiting anything. > > Ron > > From: "Albert R. Campa" <[email protected]> > Reply-To: PaulDotCom List <[email protected]> > Date: Wednesday, August 28, 2013 9:39 AM > To: PaulDotCom List <[email protected]> > Subject: Re: [Pauldotcom] Pwn Plug and Nessus > > The pwnieexpress pentest appliance can though. > http://pwnieexpress.com/products/enterprise-pentesting-appliance > > Also purehate mentioned another device, i cant remember the name, in one of > his talks this year. I saw it on irongeek's youtube channel. I think it was > his pass the hash like a rockstar talk. > > >> On Wed, Aug 28, 2013 at 6:47 AM, alec brecher <[email protected]> wrote: >> The pwn plug does not have the resources to run nessus on-board. Use the >> plug's reverse shell to proxy your nessus scans through the plug. >> -Alec >> >> -----Original Message----- >> From: Larry Petty <[email protected]> >> Reply-to: PaulDotCom Security Weekly Mailing List >> <[email protected]> >> To: [email protected] <[email protected]> >> Subject: [Pauldotcom] Pwn Plug and Nessus >> Date: Thu, 22 Aug 2013 13:51:17 +0000 >> >> Does anyone have experience remotely running Nessus with something like the >> Pwn Plug? >> >> I need something small that will reverse SSH back and allow me to remotely >> launch Nessus scans. I have heard of people using the Pwn Plug, but I'm >> curious as to the performance and accuracy of the scans. >> >> >> >> Larry Petty >> >> Office: 813.287.8887 x 1136 >> Mobile: >> Fax: 813.287.8688 >> >> Email: [email protected] >> >> >> Tribridge >> >> >> >> Helping our Customers become more Productive, Profitable, Competitive and >> Secure >> >> The information contained in this message and its attachments is intended >> only for the recipient(s) named above. This information may be privileged >> and confidential in nature and protected by law. If the reader of this >> message is not the intended recipient, any further review, dissemination, >> distribution or copying of this information is strictly prohibited. If you >> received this communication in error, please delete the message with its >> attachments and notify the sender immediately. >> >> >> >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
