|
|
Links: 
|
Hacking and Security Tutorials >> Fast-Track - Pentesting in just a minute  Fast-Track is a python based open-source project aimed at helping Penetration Testers in an effort to identify, exploit, and further penetrate a network. Fast-Track was originally conceived when I was on a penetration test and found that there was generally a lack of tools or automation in certain attacks that were normally extremely advanced and time consuming. In an effort to reproduce some of my advanced attacks and propagate it down to my team at SecureState, I ended up writing Fast-Track for the public. Many of the issues Fast-Track exploits are due to improper sanitizing of client-side data within web applications, patch management, or lack of hardening techniques. All of these are relatively simple to fix if you know what to look for, but as penetration testers are extremely common findings for us. Fast-Track arms the penetration tester with advanced attacks that in most cases have never been performed before. Sit back relax, crank open a can of jolt cola and enjoy the ride. "LETS POP A BOX!!!!!!!!!" -Dave Kennedy"Old veterans like myself often dislike to see tools like this as it makes the hours of tedious work we have done for years seem less worthwhile (only because we did not think to script the stuff ourselves), but ultimately we must commend people like Dave Kennedy with sharing his expertise and experience with the masses. So checking out this tool is a must, but be sure to visit the Wiki page for the tool as is explains the tool in great detail, and will assist you with getting through the setup much more effectively. Lastly, there is some excellent videos at the site as well that gives a great preview of the capabilities of Fast-Track and you can see the videos here. Installing Fast-Track: make sure you have the latest version of Subversion Open a terminal and type the following command: svn co http://svn.thepentest.com/fasttrack /path-to-install/The svn co simply means "check out" the latest version of Fast-Track, the /path-to-install/ is the directory you want to install Fast-Track. If you want to update Fast-Track after you check out the files, simply type svn update, or use the Fast-Track menu to update. When you first check out Fast-Track, there are a few modules that need to be installed, fortunately, Fast-Track comes with a setup file that helps you install the files needed. From the command line and in the Fast-Track menu, simply type: python setup.py installFollow the guide for installing Fast-Track, note that the setup does NOT install Metasploit for you. If you don't have Metasploit installed, some applications will not work properly. Ensure that you enter the right path to Metasploit. Once installation has finished, run Fast-Track, if it errors out saying you do not have the proper requirements, type yes to try a different type of install. If this still doesn't work you will need to manually install the requirements. now to run Fast-Track type: ./fast-track.pyto run the web GUI mod: ./ftguiOpen a browser and go to http://127.0.0.1:44444 Fast-Track HomePage: http://www.thepentest.com Forum URL: http://forum.bec0de.com/tools-f5-fast-track-pentesting-in-just-a-minute-t166.html |