From Paul's Security Weekly
Jump to: navigation, search

Follow us on Twitter Watch Security Weekly videos Listen to Security Weekly Security Weekly fan page Connect with Paul Google+

Link to Paul's Presentation: "Security Assessment Trends"

Audit/Penetration Testing Permission Slips

SANS Audit Policy - This one is from SANS and covers you as an employee of your organization, giving you permission to audit internal resources.

Pen Test Permission Slip - This one is from www.professionalsecuritytesters.org, a fantastic web site, and is geared towards the external penetration tester.

Nmap Speed Blog posting

Nmap For Speed Freaks

xsltproc Windows Port *NOT TESTED*


UMIT Instructions & Tips

Episode 46 - UMIT Nmap GUI

Nmap Documentation

Nmap Documentation Homepage

The Unofficial Nmap Book

Secrets of Network Cartography: A Comprehensive Guide to Nmap

Current Nmap Parser Example

Episode 55 Tool Spotlight: Finding Vulnerable Hosts with Custom Scripting

Grep'ing the Nessus Plugins Directory

Normal grep does not work:

  1. grep RPC *

bash: /bin/grep: Argument list too long

Argument lists have a maximum value, depending on which version of UNIX/Linux:

  1. getconf ARG_MAX


To grep long lists of files:

find . -name '*.nasl' -print0 | xargs -0 grep RPC

Memory allocation reference:


Nmap & Nessus Integration

Integrating Nmap & Nessus

Finding Wireless APs with Nessus Whitepaper