Pentesting with Perl

I’m currently working on a new training course I’m planning to give in the near future. By the title of the blog posting, I’m sure you have guessed the title… That’s right, Pentesting with Perl.

The object of the course is to cover many of the tasks that need to be performed during a penetration assessment.

  • IP/Hostnames reverse, resolve and extract information
  • Convert CIDRs to Ranges and Ranges to CIDRs
  • Extracting information from: Nmap, Nikto, Sslscan, Dirbuster, and Fierce
  • Extracting links and email addresses from a website
  • Building a Port-scanner in 10 minutes or less
  • Union and intersection of two files
  • Building a sniffer to parse PDML (synergy decrypter)
  • Performing Phishing attacks with Metasploit (updated)
  • Modifying the shellcode of your favorite browser exploit (updated)

This course will help to streamline many of the tedious aspects of pentesting. We will use Perl to get the job done quickly and effectively. The goal of the course is to help everyone automate many of the tasks they are performing manually, so that they can focus on more complex issues. The ability to automate tasks is critical to being a successful penetration tester. We need to be spending time on the most complex issues that cannot be tested through the use of automated tools!

Please let me know what you think. I look forward to your comments and suggestions.

Recommended Reading:

  • Programming Perl (ISBN-10: 0596000278, ISBN-13: 978-0596000271)

The requirements for the course are:

  • A basic understanding of Perl including scalars, arrays and hashes
  • A basic understanding of XML and Object Oriented programming
  • A good understanding of TCP/IP and other networking concepts
  • Familiarity with Nmap and other penetration testing tools

I’m structuring the course to be roughly 3 hours and to be available at Infosec World 2010.

Regards,
Jabra

9 Responses to Pentesting with Perl

  1. Jhaddix says:

    Jabra… I think this is an awesome idea. Programming for pentesters is a grey area that I think needs to be addressed. Hit me up sometime =) admin[at]securityaegis[dot]com

  2. jcran says:

    hrm… how about sending phishing emails? a little perl might do the trick 🙂

  3. Jabra says:

    @Jcran

    Good suggestion! I just added phishing to the list.

    Regards,
    Jabra

  4. Anonymous says:

    Is there a specific reason to use Perl instead of Python?

  5. Jabra says:

    @Anonymous

    The reason I decided to use Perl for the course is because I have the most experience with it. To be clear, the course isn't focused on learning Perl, it is focused on completing many of the tasks involved in performing a successful penetration assessment. Therefore, anyone with a good understanding of Python should be able to take this course.

    Regards,
    Jabra

  6. cytrix says:

    What's up on this subject? Pen-testing with Perl! I have a lot of experience in Perl. I have plenty of Perl examples that I have written for this matter of subject. Would be nice to have a developing team about Pen-testing with Perl and have a site with some kind of repository using GIT or SVN for our Perl examples on Pen-testing. Anyways, give me a holler when y’all up for it.

  7. Anon says:

    Jabra, I think the pen testing community needs a book on pen testing with Perl. It could be awesome if a book like this is published.

  8. anonymous says:

    It seems a good material but you can add to it:
    1. Automating malware analysis with ollyperl.
    2. Fuzzing with fuzzled.
    3. Web penetration testing with (LWP, WWW::Mechanize)
    4. Geolocation with Perl
    5. Perl as forensics tool.
