Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Tech Insight: Free Tools For Offensive Security
Newest First  |  Oldest First  |  Threaded View
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
5/21/2014 | 3:05:58 PM
Thanks for the great interview and live chat, JohnSawyer
For anyone who wants to get some additional insight about what it takes to be a penetration tester be sure to checkout Tim Wilson's Dark Reading radio interview with John: Day In The Life of a Penetration Tester. Lots of really interesting commentary from DR community members in the live chat that followed the broadcost. Here's the link.
johnhsawyer
50%
50%
johnhsawyer,
User Rank: Moderator
5/21/2014 | 1:15:10 PM
Re: prevalence?
Hi, Kelly.

Thank you for the question. Which clients use the tools? Well, if they're a client, then they've likely been subjected to all the tools as part of the testing we've performed for them. Whether or not they're actually using them is hard to say. I know of several specific examples where client's security teams perform regular recon looking for compromised credentials, defaced sites, employees posting sensitive information, etc. For that, they use recon-ng.

The rest of the tools I've seen used during specific demonstrations to show other IT groups within the company vulnerabilities and to prompt the other groups to fix those issues. A lot of this depends on the size of the team, how mature the team is (and the company), are they stuck in reactive mode or do they have time for proactive tasks, and other similar team attributes.

I'd like to see more security teams taking advantage of these tools as I think it would open their eyes to issues they're vulnerable to and help them fix issues before having a 3rd party tester coming in so the 3rd party's time can be focused on critical, high risk areas.

-jhs
johnhsawyer
50%
50%
johnhsawyer,
User Rank: Moderator
5/21/2014 | 1:00:19 PM
Re: PwnWiki!
Hey, Ed. Thanks for the comment. PwnWiki is a great resource. It's definitely come in handy on a few different pen tests. I need to get my updates sent in sometime soon but just haven't had the time to sort through my notes and get them into a pull request.

-jhs
Ed Moyle
50%
50%
Ed Moyle,
User Rank: Apprentice
5/20/2014 | 9:49:54 AM
PwnWiki!
Just wanted to say thanks for getting this started.  Nice to see PwnWiki getting some love.  
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
5/19/2014 | 6:46:46 PM
prevalence?
John, do many of your enterprise clients use these tools today? 
Hadetona
100%
0%
Hadetona,
User Rank: Apprentice
5/19/2014 | 1:22:16 PM
Very Helpful!
This article is very helpful i must say! Keep up the goof work!


News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-23270
PUBLISHED: 2021-04-12
In Gargoyle OS 1.12.0, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a lo...
CVE-2021-29302
PUBLISHED: 2021-04-12
TP-Link TL-WR802N(US), Archer_C50v5_US v4_200 <= 2020.06 contains a buffer overflow vulnerability in the httpd process in the body message. The attack vector is: The attacker can get shell of the router by sending a message through the network, which may lead to remote code execution.
CVE-2021-29357
PUBLISHED: 2021-04-12
The ECT Provider component in OutSystems Platform Server 10 before 10.0.1104.0 and 11 before 11.9.0 (and LifeTime management console before 11.7.0) allows SSRF for arbitrary outbound HTTP requests.
CVE-2021-3125
PUBLISHED: 2021-04-12
In TP-Link TL-XDR3230 < 1.0.12, TL-XDR1850 < 1.0.9, TL-XDR1860 < 1.0.14, TL-XDR3250 < 1.0.2, TL-XDR6060 Turbo < 1.1.8, TL-XDR5430 < 1.0.11, and possibly others, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its u...
CVE-2021-3128
PUBLISHED: 2021-04-12
In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386.42095 or < 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link...