Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
759
Views
0
Helpful
1
Replies

Penetration Testing

Imran Ahmad
Level 2
Level 2

‎05-13-2013 10:15 AM - edited ‎02-21-2020 04:53 AM

Hello experts,     

Im a CCIE, but Im totally new to the penetration-testing world, i dont know anything about pen-testing. some one (an external company) has asked me to do a penetration-testing on their  netwrok through internet. Can anyone advise me what to do ? is it just easy to download those penetration-testing tools like- nessus, nmap, metasploit and  start to do the testing on thier network???

I dont have any knowledge of Linux aswell,  please tell me what are the possible tools on windows to do the testing ?             

0 Helpful
1 Reply 1

James Leinweber
Level 4
Level 4

‎05-14-2013 07:08 AM

The specific tools you mentioned mostly run on Windows as well as Linux, and are a starting point.  However, until you gain some familiarity with Linux, more extensive toolsets such as "Kali Linux" will remain out of reach.  An implication from your posting is that the budget is small, so tools like "Core impact" or engagements with firms that routinely do pentests are presumably out of reach?

You will need a written agreement with the testee covering the scope of work and authorizing it; otherwise you are liable to run afoul of the computer abuse laws of whatever jurisdiction you are working in.  Are you allowed to inject data into web interfaces of production systems?  Seed the organizations parking lot with USB drives full of spear-phishing links?  Phone their service desk and attempt to get passwords reset for you?

-- Jim Leinweber, WI State Lab of Hygiene

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card