Hi, doing quite a few pen tests these days, I've setup an environment for doing basic steps. Most often one gets a domain or a range of ip addresses (phone numbers) to pen test. Based on that some basic steps are done using decent tools like nessus, nmap, nsat, whisker, websleuth .... Now I am wondering wheather there's already a open source pen-test environment which includes those steps and uses as backend system above scanners. Included should be some reporting mechanism which categorizes found vulns (low, middle, high risk), includes separating by scan dates, has a LaTeX/ DocBook, HTML/XML output support. Maybe someone else has quite a few ideas, like building a whole linux distri which is just used for that. Thanks for any comment. Carl Bysen -- _______________________________________________ Sign-up for your own FREE Personalized E-mail at Mail.com http://www.mail.com/?sr=signup 1 cent a minute calls anywhere in the U.S.! http://www.getpennytalk.com/cgi-bin/adforward.cgi?p_key=RG9853KJ&url=http://www.getpennytalk.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Thu Jan 03 2002 - 09:52:43 PST