After about 5 months of watching developers log , seems it's finally out !
Today while checking my mails I noticed new mail from Max, announcing this new ( final ) release of version 2.0 . and I was glad to see that ISSAF is finally there . After releasing v1.0 of ISSAF I had talks with Max, on joining these two projects. The idea was adopting both BackTrack and ISSAF in a way that tools in ISO and documents in ISSAF cover each other, so that all an ISSAF reader require , will be a copy of BackTrack to finish all of tests explained in ISSAF. seems it's going to happen .
For those who don't know, ISSAF is a project of OISSG , which provides a complete documentation for penetration-testing , or a so called "Assessment/Pen-test framework"and I've authored few chapters of it. I've been idle on ISSAF project after v1.0 but I hope to be able to get my hands dirty again and try to upgrade documents/tools in draft, as much as possible.
It's not all about v2.0 . I found a fantastic addition since their beta release. BackTrack finally added support of cool USB wlan devices . Here's the snip from announcement :
"By supporting the new ALFA USB hi-power devices there is now a great USB wireless dongle available which allows us to connect an external antenna and use BackTrack to attack even on my Intel Macbook or VMware"
If it's still not clear enough for you, here's what it means for me : Attach the usb device to your system , run your VMware , start your your local-hd-install of BackTrack 2.0 which has been previously installed , and enjoy the power of BackTrack on owning wireless network, while having fun with your windows based tools.
Before this, you had no chance to use wireless capabilities of BackTrack while it's working inside VMware.
I've been a remote-expl0it.org fan since their early Auditor days and I've always enjoyed their works. Although I'm still using their Auditor since 2005 but I have always an up to date version of BackTrack with me. Long time ago I replaced my debian linux with a local-hd-install of Auditor and began boosting it in my own way, and it's still cool and useful in 2007 :)
You may ask why I didn't simply upgraded my local installed version to a BackTrack release? The answer is as simple as " I like Debian more than Slackware" . So I decided to keep my debian installation up2date rather than installing new slackware, and just kept upgrading/adding tools mentioned in newer releases of BackTrack.
Making a raw laptop to a pen-test station is so easy these days. All you have to do is downloading an ISO, burning it and booting it. If you don't feel comfortable with booting cd/dvd for every session and you can't sleep well while running a linux customized by someone else, there's always a "Local-HD-Install" option for you. IMO a live copy is not stable enough for a real-world pen-test, but it's just good for demonstrations, demos or using while training sessions.
It's painful to reconfigure live version every time you use it, and after all user is limited in some aspects of configurations. Yes I know we can save configs to a flash or local partition, but why making everything hard for ourself when there's chance of booting a live pen-test cd from HD, with no limitation?
Beta release of BackTrack 2 was nice experience for me. I tried to replace it with my current tool-set for a while, to be able to fuly evaluate it. And now I can say that it will cover >90% of your requirements for a complete professional pen-test session. There were few bugs and missing tools but I'm sure v2.0 is good enough to hold it for a while.
Read about more upgrades since beta release on BackTrack's page.
Today while checking my mails I noticed new mail from Max, announcing this new ( final ) release of version 2.0 . and I was glad to see that ISSAF is finally there . After releasing v1.0 of ISSAF I had talks with Max, on joining these two projects. The idea was adopting both BackTrack and ISSAF in a way that tools in ISO and documents in ISSAF cover each other, so that all an ISSAF reader require , will be a copy of BackTrack to finish all of tests explained in ISSAF. seems it's going to happen .
For those who don't know, ISSAF is a project of OISSG , which provides a complete documentation for penetration-testing , or a so called "Assessment/Pen-test framework"and I've authored few chapters of it. I've been idle on ISSAF project after v1.0 but I hope to be able to get my hands dirty again and try to upgrade documents/tools in draft, as much as possible.
It's not all about v2.0 . I found a fantastic addition since their beta release. BackTrack finally added support of cool USB wlan devices . Here's the snip from announcement :
"By supporting the new ALFA USB hi-power devices there is now a great USB wireless dongle available which allows us to connect an external antenna and use BackTrack to attack even on my Intel Macbook or VMware"
If it's still not clear enough for you, here's what it means for me : Attach the usb device to your system , run your VMware , start your your local-hd-install of BackTrack 2.0 which has been previously installed , and enjoy the power of BackTrack on owning wireless network, while having fun with your windows based tools.
Before this, you had no chance to use wireless capabilities of BackTrack while it's working inside VMware.
I've been a remote-expl0it.org fan since their early Auditor days and I've always enjoyed their works. Although I'm still using their Auditor since 2005 but I have always an up to date version of BackTrack with me. Long time ago I replaced my debian linux with a local-hd-install of Auditor and began boosting it in my own way, and it's still cool and useful in 2007 :)
You may ask why I didn't simply upgraded my local installed version to a BackTrack release? The answer is as simple as " I like Debian more than Slackware" . So I decided to keep my debian installation up2date rather than installing new slackware, and just kept upgrading/adding tools mentioned in newer releases of BackTrack.
Making a raw laptop to a pen-test station is so easy these days. All you have to do is downloading an ISO, burning it and booting it. If you don't feel comfortable with booting cd/dvd for every session and you can't sleep well while running a linux customized by someone else, there's always a "Local-HD-Install" option for you. IMO a live copy is not stable enough for a real-world pen-test, but it's just good for demonstrations, demos or using while training sessions.
It's painful to reconfigure live version every time you use it, and after all user is limited in some aspects of configurations. Yes I know we can save configs to a flash or local partition, but why making everything hard for ourself when there's chance of booting a live pen-test cd from HD, with no limitation?
Beta release of BackTrack 2 was nice experience for me. I tried to replace it with my current tool-set for a while, to be able to fuly evaluate it. And now I can say that it will cover >90% of your requirements for a complete professional pen-test session. There were few bugs and missing tools but I'm sure v2.0 is good enough to hold it for a while.
Read about more upgrades since beta release on BackTrack's page.
No comments:
Post a Comment