Hey,
although I am already working on some smaller projects and help out at others, I would like to start and work regulary on one big project.

Currently I have no specific project in mind, only some basic conditions I would like to follow:

• It should be related with penetration testing (on the offensive site) or reverse code engineering, as those are the topics I have most knowledge of and personal interest in
• Free, nothing to pay for others
• Although not necessary, it may be good if such a project is not available yet or at least not "good", e.g. i see no particular reason for me to write another metasploit
• It doesn't matter for me if it is something to program, automate, write, teach etc.

Some random thoughts and keywords I have in mind:

• framework for pentesting report
• setting up a lab environment
• guides
• vulnerable operating system, application, etc.
• Some kind of CTF
• some kind of training

Any suggestions or thoughts on this? Any help is much appreciated.
It is no problem if it is a bigger project.. i see this not only as a chance to help others in one way or another, but also to learn more myself, get "known", etc..so it doesn't matter for me if it takes a lot of time until it is finished.

Looking forward to comments on this.

Hiya.
I don't know if you've ever seen the De-ICE lab disks?
http://de-ice.net/hackerpedia/index.php/De-ICE.net_PenTest_Disks#Level_1_2

They are a set of disks based on Slax that are configured to be user as pen-test targets.
You get very little info on what you need to do, and you hack them...  Lot's of fun, and they're damned hard too! (Especially for a noob like me  )

Having looked around, there don't seem to be many things like them, so more would be nice...

Regards,

`ph0x

I've been toying with the idea of doing log cleaning tools for Solaris auditing logs in binary form.  The logs themselves don't seem so hard to clean, the harder part seems to be automating the location of ALL of your log entries and getting rid of them.  This is VERY time consuming in a manual fashion.  Of course if you can just clean the really damning stuff nobody is likely to even detect that an attack occurred, so maybe that is good enough.

Another place that I was looking at going was reverse engineering AV/firewall log file formats to create cleaning tools for these.  The big problem there is that most of these are locked open by the AV program (in windows) so you have to stop the service to clean, then restart (which invariably leaves a log message).  Still better than leaving the details of your exploit behind though.

•framework for pentesting report
Here is a good guide for understanding the type of things that are done during a test.
http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html
This includes a template for a sample report
http://www.vulnerabilityassessment.co.uk/report%20template.html

I've seen a few other samples as well and I know one sample was posted here last week (or so), but I don't have the link and I'm too lazy to find it.

•setting up a lab environment
Setup a virtual infrastructure and setup a bunch of machines. I know there are multiple threads covering this topic here on EH.net. I would recommend getting a server class machine (used, it is cheaper) and installing ESXi. Throw on a bunch of OS'es and other software. I can't give you good specifics here since it will depend on what you want to test. I would say at a minimum you should have a Windows XP box, a Linux box, and a BSD box. If you want a good box to test against add Damn Vulnerable Linux.

If you want to test against some vulnerable software download some old software from http://www.oldversion.com

You can also download some intentionally web apps grab Web Goat, Multildea (sp?) and Moth.

•guides
Not to be a jerk but google for what you want, if you need specific help ask and you shall receive. There are a lot of good guides out there for specific tools and apps. If you are looking for one is specific google for it and if you can't find it then ask.

•vulnerable operating system, application, etc.
(See Lab)

•Some kind of CTF
I’ll submit some details on the one I am working on and post it in a few months

•some kind of training
There are lots of sites that specialize in this. Lots of good videos on YouTube and Vimeo, but it can be a little harder to find. I suggest TheAcademyPro.com for some good videos.

We're working on VM lab setup guides and videos at security aegis pretty soon. One for webapp and one for network.

Should be good stuff

Hey ethicalhack3r,

We are featuring your project in our Webapp lab setup. It wont be out for a week or two (recording and uploading is most of time) but when it is finished our lab environment should have about 7 different targets one being yours.  Thanks so much =)

It'll be on our site and youtube, vimeo, etc.  We are using Mutildae, Webgoat, Damn Vulnerable Web App, Foundstones Hacme bank, casino, shipping etc, moth, webmaven, and securibench. Our attack platform will be SamuraiWTF.