I am trying to understand the evidence left behind by three attack tools, KALI, BACKTRACK & METASPLOIT.
I would like to perform a penetration test and understand if there is a pattern or any digital evidence left behind. All suggestions are welcome. Anyone willing to work alongside me for some paid services, please contact me.
Thanks,
Timmy
Timmy,
KALI and BACKTRACK are distributions, not attack tools. The evidence left behind depends on the tool you're using (there are many in Backtrack/Kali).
Where do you want to look for evidence: on the attacker machine or on the target machine?
No offense, but maybe it is better to rephrase your questions and get some background information on what you're talking about.
I want to create a virtual machine with evidence and use the tools on Kali / BackTrack to see what works best and what is left behind.
Again, those are distributions. What works best is a knowledgeable analyst who specifically and thoughtfully chooses a tool for use.
Timmy,
Kali contains lots of tools, just have a look at
You really need to decide the limits of the project
- what you want to do with Kali, for example information gathering, gaining access, spoofing etc
- what OS you want to "scan" with Kali, each OS has its own place evidence can be found
- what firewall is configured
- which patches you used
- is your target running specific services like mailserver, dns, webserver etc
Just too many things to consider.
Can you work with me on these for some pay, please? Or can you recommend anyone?
You'd be hard pressed to find someone to pay you for that research, but picking a tool and doing a complete forensic analysis (client, transmission data, server) would probably be a good university project.