I've spent much of the last several years doing application vulnerability analysis. It's a lot like pentesting, except that instead of finding one path through an environment to take something of value, we find anything in an application that could be used to create that path. It's pretty cool.
Anyway, people who do vulnerability assessment use a lot of tools that help us find known vulnerabilities. There are many problems that are well understood: both known flaws in existing software, and patterns that cause problems in new software. These tools take the drudgery out of testing for all of those known flaws, so we can spend our time looking for things that can't easily be scripted, like business logic flaws.
There are a lot of tools out there, and many of them are crap. TrustedSec, Dave Kennedy's security consultancy, has compiled a cool installer that collects the best of the best tools, all of their prerequisites, and those weird mappings that we all need to make our lives easy. It's called the Pen Tester's Framework.
For the next several weeks, I am going to walk through most of the tools in the Pen Tester's Framework and give a developer's view of them. I'll break into lab machines, review code, look at usability, and generally make a mess of things. I hope you'll join me.
My environment will consist of my Acer Aspire S7 with Ubuntu 15 as the test machine, and mostly the OWASP BWA as the target. I'll also probably be scanning the FALE lab occasionally, and probably my own dev lab as well; I'll describe those as I use them.
To install the Pen Tester's Framework, you need to get it from GitHub. The simplest route on Linux is to install git (sudo apt-get install git) and then clone the repository with:
git clone https://github.com/trustedsec/ptf.git
On Windows, try the download link on GitHub. The URL you want to start with is https://github.com/trustedsec/ptf.
Once you have the files in place, you just need to run the installer on Linux. It runs as root, since it installs into a system directory, so that means:
sudo ./ptf
use modules/install_update_all
That will put everything in /pentest. One thing I have to recommend is using this command often. These tools are updated constantly, and you should respect that. I ran into all kinds of problems with updates while writing the series. The tools need their updates!
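Before letting sudo ./ptf fetch and build dozens of tools as root, it is worth seeing what each module will actually pull down and run. The script below is an added example for this post, not code from the PTF project. It assumes that each file under PTF's modules/ directory is a plain KEY="value" file that uses the keys INSTALL_TYPE, REPOSITORY_LOCATION and AFTER_COMMANDS; check a real module first and adjust the sed patterns if the keys differ. The two module files it creates are constructed samples so it runs offline, not real PTF modules.

```shell
#!/bin/sh
# Added example, not part of PTF: audit what PTF modules would fetch and run
# before letting `sudo ./ptf` install them as root.
# Assumption: each module under modules/ is a file of KEY="value" lines using
# INSTALL_TYPE, REPOSITORY_LOCATION and AFTER_COMMANDS. Verify against a real
# module first and adjust the sed patterns if the keys differ.

# Pull one KEY="value" setting out of a module file (prints nothing if absent).
# Usage: ptf_key <module-file> <KEY>
ptf_key() {
    sed -n "s/^$2=\"\(.*\)\"\$/\1/p" "$1"
}

# One line per module: path|INSTALL_TYPE|REPOSITORY_LOCATION|AFTER_COMMANDS
ptf_audit() {
    find "$1" -type f -name '*.py' | sort | while read -r f; do
        printf '%s|%s|%s|%s\n' "$f" \
            "$(ptf_key "$f" INSTALL_TYPE)" \
            "$(ptf_key "$f" REPOSITORY_LOCATION)" \
            "$(ptf_key "$f" AFTER_COMMANDS)"
    done
}

# Paths of modules worth reading by hand before installing: fetched over plain
# http (no TLS, so the code can be swapped in transit) or running post-install
# commands, which PTF would execute as root.
ptf_flag() {
    ptf_audit "$1" | awk -F'|' '$3 ~ /^http:/ || $4 != "" { print $1 }'
}

# Constructed sample modules (not real PTF modules) so the script runs offline.
ptf_demo_dir() {
    d=$(mktemp -d)
    mkdir -p "$d/vulnerability-analysis"
    printf 'INSTALL_TYPE="GIT"\nREPOSITORY_LOCATION="https://github.com/example/clean-tool"\nAFTER_COMMANDS=""\n' \
        > "$d/vulnerability-analysis/clean_tool.py"
    printf 'INSTALL_TYPE="GIT"\nREPOSITORY_LOCATION="http://example.invalid/old-tool"\nAFTER_COMMANDS="cd {INSTALL_LOCATION},make install"\n' \
        > "$d/vulnerability-analysis/old_tool.py"
    echo "$d"
}

# Stand-alone run on the constructed modules. Against a real checkout use:
#   ptf_audit ./ptf/modules ; ptf_flag ./ptf/modules
demo=$(ptf_demo_dir)
ptf_audit "$demo"
echo "--- flagged for manual review ---"
ptf_flag "$demo"
rm -rf "$demo"
```

Run it against ./ptf/modules right after cloning and read any flagged module before the install; a minute of review beats trusting whatever a module's post-install commands do with root privileges.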
The PTF is divided into several sections, and I am going to start with ... you guessed it ... vulnerability analysis! Pretty awesome, eh? I thought so. Some of these tools I know, and some are totally new. Looking forward to getting started.