On Tue, 6 Nov 2001, Scott Seglie wrote: > I'm sure there is a more efficient way to do this. I realize that > there is research involved and hands on (work must be done...but for > the initial information gathering, is anyone going about it a > different way? Maybe a series of scripts? you may want to look into expect scripting this, ie conditional executions, interactions, etc ... CORE SDI is working on a new tool, Impact, which is based on their research on automated pen testing. they have made many presentations on it, including at blackhat this year. http://www.core-sdi.com/solutions/core_impact.html http://www.blackhat.com/ VERY cool stuff, these guys are REALLY bright. worth checking out, even if only to get some ideas. ____________________________ jose nazario joseat_private PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80 PGP key ID 0xFD37F4E5 (pgp.mit.edu) ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Thu Nov 08 2001 - 10:45:04 PST