Search the Community
Showing results for tags 'pen testing'.
Found 4 results
Hi all, i'm undertaking a project to determine which vulnerability scanning tools within Kali Linux are best suited for the job, there were three tools tested and these were, Nikto, Sparta and OpenVAS. The results that these scans returned when scanning metasploitable 2 with a Kali linux machine are as follows: Metasploitable 2 Nikto 15 Sparta 46 OpenVAS 144 These results are solely the number of vulnerabilities that were returned, OpenVAS seems to be the right choice but im looking for feedback to back up these results of whether this is accurate? or maybe whether the other tools have features that may give them an advantage over the other. Any feedback would be most welcome. Thanks.
Hi all i'm currently undertaking a project that involves exploiting a metapsloitable 2 machine and a windows XP machine running SP3, however the findings that i have found are that there are limited resources available when using metapsloit as there seems to be many step by step guides of how to complete an exploit but not enough information regarding troubleshooting. Do you think it would be beneficial to learning to explain more about each step of an exploit in terms of what each command does and if an exploit fails for there to be more information available about why it fails and workarounds for how to solve such problems. For instance when trying to exploit Windows XP with the popular ms08_067_netapi exploit the results for my conducted test just returned "Exploit Completed, but no session was created" Any feedback regarding this would be most welcome. Thanks.
I am the system admin at my organization and my director has asked me to conduct some penetration testing. Partly because he wants to make sure we are secure, and partly because I want to do it. Not sure if this is the right place to ask this, but are there any legal concerns around me doing any testing of our network and systems? Some testing would occur with internal access to the network, and some would be external attacks. I know not really a technical question, and if this goes somewhere else let me know. Thanks!