satish.lx wrote:I heard about some limitation of exam like you can't use it something like that.
You can't use vuln tester, metaexploit etc. Anybody has full list?
If you can't use vuln tester then how could you find holes? And second question is sometime bruteforse cracking take time like hours or sometime days so how it going to work? If my machine is not enough powerful .. Sorry I'm
asking stupid question but these question really does matter for me. Hopeing good answer.
If you had used a vuln tester during OSCE, you would've completed none of the challenges at all. PWB aka Penetration Testing / PenTesting With BackTrack is a course designed to learn you WHY you should NOT use vulnerability scanners, but learn to use the tools manually, eliminating false positives.
It's quite simple:
- Enumeration (A scanner does this automatic for you.)
- Version banner grabbing (A scanner does this too, and looks the version banner up in a database.)
- Exploitation / Confirmation (This can crash a target service. Some scanners will attempt exploitation, but not all.)
Therefore, if you're going for OSCP: Make sure you understand the course material, and that you've played in the labs as well, without the vulnerability scanners. You _don't_ need them. They're handy, and can help you during some tasks, but you can
fine without, if you just learn to use the tools in e.g. BackTrack.
If you want a book, which also reminds you about why you shouldn't just use a vulnerability scanner, then read: The Penetration Testers Open Source Toolkit vol. 2
I know, it's not completely brand new and it's a couple of years old. Some of the syntax for commands may be outdated, but it's still useful and I still recommend it. Heck, even I just read it for fun sometimes. Well, I'm actually skipping through it to refresh parts I may have hidden far away, or to get new ideas just by looking at various examples.
So, if you eliminate the vulnerability scanner from your toolbox. What is pentesting aka penetration testing? That is called methodology, and that is something you will have to learn, along with the necessary tools, such as (and especially) NMAP.
You can do a lot with NMAP alone, and a scripting language like Ruby, Python or Perl. (I use Python because it's easier, for me that is.)