2009-11-13 16:28 Abraham Takes Step Toward Integrating Penetration Test Tools


During the past few years, on our customer-engagements, we have been using our Collab infra to support synthesis of results and creating templates and workflows for systematic practical security analysis. Our approach in short:

  1. Collect data (with Clarified Analyzer and different third party tools, such as Nmap, Nessus etc.)

  2. Parse the data using different OpenCollab scripts, split it into a semantic pieces so that the data can be better assigned to the real environment (hosts, client's network documentation etc)

  3. Upload data using OpenCollab SDK + XMLRPC interface to a centralized collaboration environment (see CollabHosting for more details).

  4. Analyze
    • Create semantic visualizatons using graphingwiki

    • Create tabular presentations, which are tied to the customers system.
  5. Provide living reports for always up-to-date view to problems and their fixes.

Stumbled upon to a article which describes how others are now also working on a solution for penetration testers that's a first step toward ultimately integrating and correlating data among different types of penetration-testing products.

The problem, Abraham says, is that pen testers using multiple pen-testing tools have to manually examine and correlate their findings, a laborious and error-prone process. "I run into this all the time," he says. "A lot of different types of tools run on different systems and usually aren't integrated...We're providing a way for the penetration tester to extract information from a lot of different tools to leverage when performing a pen test.



-- jani 2009-11-13 13:32:13

return to the blog ...