Thanks Don, and thanks to everyone who caught the webcast today.  Please post your questions and comments here; looking forward to hearing your thoughts!

-Josh

The live Q&A is asking about tools. Ed mentioned that he will do his best to list them here. To get you started, a number of great software can be found in our Tools Board.

Don

Hey guys, thanks for taking the time to do this presentation.  It was very helpful and informative.  I have a ton of question as I am new to the field, but I won't bother you with those.  My only real important question that I didn't hear much about during the presentation is hardware related.  I've had trouble getting the right wireless cards to work with software that I've tried in the past.  Do you have any recommendations as to which hardware to use for wireless testing?

Again, thanks for the webinar!

I’d also like to thank all those who joined us on the webcast today.  We really appreciate your interest and participation!  Thanks also to Core Security Technologies, our gracious webcast sponsor.

On the webcast, I promised I’d post a list of some of the tools we referenced.  This list isn’t exhaustive, but does represent the majority of the functionality we discussed.

BeEF, the Browser Exploitation Framework, by Wade Alcorn, available at http://www.bindshell.net/tools/beef

AirCSRF, “Air-Sea-Surf”, by Garland Glessner, not yet released publicly… stay tuned.

Yokoso!, by Kevin Johnson, et al, release imminent, to be available at http://sourceforge.net/projects/yokoso/

Samurai Web Testing Framework, by Kevin Johnson, et al, available at http://sourceforge.net/projects/samurai

Metasploit, by HD Moore, et al, available at http://www.metasploit.com

AirPwn, by Toast, available at http://airpwn.sourceforge.net/Airpwn.html

Of course, the techniques we discussed can be stitched together from any number of tools, but the items above were specifically mentioned and are very useful.

Hope this helps—
--Ed Skoudis.
InGuardians

Yokoso!, by Kevin Johnson, et al, release imminent, to be available at http://sourceforge.net/projects/yokoso/.

Yokoso! is a tool to identify the administrative interfaces used through fingerprinting techniques.  This can be helpful to sort through the page history of a browser controlled by a pen-tester to identify valuable targets to exploit (e.g. previously logged-in administrative pages).

-Josh

Unfortunately I was only able to make it until the last half of the presentation and I was wondering if it will be available online again for people to watch (such as the Pentest Ninjitsu series).  Thanks in advance.

Great webcast. Will also the slides be available soon??
Thanks so far.

EDITED: Thanks, found them. I'm looking forward to PART II. See you.