BacktrackClinicstartedwiththemergerofftwoseparatesecuritybaseddistribution, whichwas a C auditorssecuritycollectionandVAX, alsocalledTopics, whichis a pentestingdestrofromNApicksclinicsovertheintroductionoffCarlyLennoxandtheOASshifteditsbasefromNApickstoDebianstable.
First, thedistributionchangeitsreleasestrategyfrom a fixedreleasedto a rollingrelease.
ThebaseoffthedestroyedchangefromDebianstabletoDebbieIntestineandalsoCarlystartedreleasinginfivenewdesktopenvironmentbasedflavors, whichareKatie, Marta, Alexeyexcept C and E 17.
Allthetoolsareneatlyarrangedintherespectivecategoriesbasedonthestageisoff a pentestlikeinformationgatheringcontainallthetoolsthathelpsyoudoreconnaissancetogetinformationaboutthetarget, thenyouhavetoolsforvulnerabilityandlessisthentheexploitation, postexploitationandsoon.
There's alsotoolforreportingyourpentestingresults, whichisthefinalstageoff a typicalpentest.
Colleen X isnotonlythebestdestroforrealpentest, butthesetoolsarealsogreatforeducationalandtrainingpurpose.
Now I'm notgoingtogothrougheachofftheavailabletools.
Butthemostimportantorthemostusefultoolformehasbeenthemedicinerightframework, whichislike a completesystemwhereyoucanloadanexploit, giverequiredperimetersoroptionslike l hostboardsandourhostandthenruntheexploitagainstmachine.
Oncetheattackissuccessful, youcanget a returnshellanddoallthepostexploitationwork, thoughmatterspointgetsfrequentupdates, butyoucanalsogetthelatestknownexploitfromexploitDeshDBwebsite, whichisalsomaintainedbyoffensivesecurityTeamArmitageissortofdifferentendoffmedicine, Freudsaid.
Oursocialengineeringtoolkitisagain a prettyusefultoolforsocialengineeringattacks.
Doing 2018.
I feelitisnotthatusefulinrealworldscenario, butitisgoodfortrainingpurpose.
Startitsupportsfulldiskencryption, andatlast, Carlyalsohasthislooksnukeoption, whichinverybroadtermis a featurethatletsyoumakeyourdiscunreadableaftersetting a passphrasethatthiscanbelaterrecoveredbyusingthepastphrasethatyousetatthebeginning.