lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <C3BF1340-5C2F-4144-B1FA-5E9F1E5AB15B@mtu.edu>
Date: Fri, 17 Sep 2010 12:54:41 -0400 (EDT)
From: rdsears@....edu
To: Eyeballing Weev <eyeballing.weev@...il.com>
Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: Re: New tool for pentesting

Seriously. The only reason CANVAS and IMPACT are still used is because  
of the 0-days that come packaged with them. Metasploit if far superior  
not only in exploitation, but post exploitation, persistance,  
networking pivioting, and just generally being a badass!

Can ANYTHING really compare to the meterpreter for pwning windows?  
They implemented remote kernel calls for gods sake! You have the  
ENTIRE windows API at your disposal with it, assuming you don't want  
to use one of the very awesome ruby scripts that come with it to  
manipulate your tokens or do remote route additions!

If I'm going to use any 'enterprise level vulnerability  
scanner' ::shudders:: it'll be Metasploit express, or MAYBE Nessus.  
Mainly just my brain though, which costs me nothing! If you're going  
to try to sell stuff like this, I wouldn't go where ACTUAL security  
people dwell, I'd go back to the netstumbler forums. You'd have better  
luck there.

On Sep 17, 2010, at 11:31 AM, Eyeballing Weev  
<eyeballing.weev@...il.com> wrote:

> Looking at that webpage is making me rage. I'm sending him an invoice
> for a new keyboard.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ