I've also gotten requests to run the Passive Vulnerability Scanner during pen tests (or more exactly, before the pen test) from a variety of folks who do that sort of thing for a living.
Since it is a sniffer, if you can get it deployed ahead of time, you can get a great deal of intelligence without impacting anyone and have a very good sense of your targets and vulns before you start exploiting anything. Ron From: "Albert R. Campa" <[email protected]<mailto:[email protected]>> Reply-To: PaulDotCom List <[email protected]<mailto:[email protected]>> Date: Wednesday, August 28, 2013 9:39 AM To: PaulDotCom List <[email protected]<mailto:[email protected]>> Subject: Re: [Pauldotcom] Pwn Plug and Nessus The pwnieexpress pentest appliance can though. http://pwnieexpress.com/products/enterprise-pentesting-appliance Also purehate mentioned another device, i cant remember the name, in one of his talks this year. I saw it on irongeek's youtube channel. I think it was his pass the hash like a rockstar talk. On Wed, Aug 28, 2013 at 6:47 AM, alec brecher <[email protected]<mailto:[email protected]>> wrote: The pwn plug does not have the resources to run nessus on-board. Use the plug's reverse shell to proxy your nessus scans through the plug. -Alec -----Original Message----- From: Larry Petty <[email protected]<mailto:[email protected]>> Reply-to: PaulDotCom Security Weekly Mailing List <[email protected]<mailto:[email protected]>> To: [email protected]<mailto:[email protected]> <[email protected]<mailto:[email protected]>> Subject: [Pauldotcom] Pwn Plug and Nessus Date: Thu, 22 Aug 2013 13:51:17 +0000 Does anyone have experience remotely running Nessus with something like the Pwn Plug? I need something small that will reverse SSH back and allow me to remotely launch Nessus scans. I have heard of people using the Pwn Plug, but I'm curious as to the performance and accuracy of the scans. Larry Petty Office: 813.287.8887 x 1136<tel:813.287.8887%20x%201136> Mobile: Fax: 813.287.8688<tel:813.287.8688> Email: [email protected]<mailto:[email protected]> Tribridge Helping our Customers become more Productive, Profitable, Competitive and Secure The information contained in this message and its attachments is intended only for the recipient(s) named above. This information may be privileged and confidential in nature and protected by law. If the reader of this message is not the intended recipient, any further review, dissemination, distribution or copying of this information is strictly prohibited. If you received this communication in error, please delete the message with its attachments and notify the sender immediately. _______________________________________________ Pauldotcom mailing list [email protected]<mailto:[email protected]> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com _______________________________________________ Pauldotcom mailing list [email protected]<mailto:[email protected]> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
