I just wanted some advice when pen testing a windows boxes is it better to use a windows platform ? or is Linux still the best platform to use regardless of the box ? If so what would you say are must have tools for windows ?
General discussion of ethical hacking concepts, experiences, ideas and certs.
MaXe wrote:Using automated tools alone, does not make anyone a real pentester in my humble opinion
For tools, you can pretty much just download BackTrack from www.backtrack-linux.org and you'll have 90-99% of all the tools you will ever need. (Besides those you might have to write yourself.)
sil wrote:MaXe, this isn't aimed at you at all. Just stating the obvious, there isn't any "one size fits all." I would love to see how many pentesters would be able to make do with just the system tools. NOT being able to download, install run whatever favorites they have. When one can do this with most systems, then one should pat themselves on the back period.
I've said it before: imagine being contracted to pentest a "contained" environment without being able to use whatever tools or operating system of your choice. What could you do? What could you do for recon on say a Windows XP machine with no nmap, wireshark, etc.? How would you enumerate the network? Same goes for Linux, BSD, etc., especially BT. When you feel confident on any system without tools, you can best believe the tool of choice would be whatever is available to you. NOT what you favorite.
Users browsing this forum: No registered users and 0 guests