This page will provide links to Technical Assessment Plans that I have created that can be used to conduct assessments using the tools and utilities that a penetration tester would use. The assessment plans are structured in a way to help with the documentation of evidence for inclusion in a workpaper process. The plans provide helpful information on how to install, configure, and use the tools to obtain the evidence needed for an engagement. This page will continue to grow and improve as I document the methods I used when conducting audit engagements as a penetration tester.
External Fingerprinting Worksheet – Use standard Windows and Linux commands and freely download-able utilities to gather information about a target.
Windows Enumeration Worksheet – Use standard Windows commands and freely download-able utilities to enumerate the machines, users, and groups in a networked Windows Domain environment.
Windows Password Assessment Worksheet – Use open source and freely download-able utilities to assess the password strength in a networked Windows Domain environment. Password testing includes password policy assessment, password hash extraction, and online and offline dictionary attacks.
SNMP Assessment Worksheet – Use open source and freely download-able utilities to assess the SNMP protocol. This is for auditors that do not have access to or cannot afford the Solarwinds toolset. This is version 0.1 of the document and I plan on making updates and add new tools in the future.
I am going through the windows enumeration worksheet but am unable to find getacct. Do you know where this tool is now located or if there is a suitable replacement?
Jim, I didn’t even realize that I had not included getacct in the assessment plan. In the next few days I will provide an updated document. In the meantime I will provide the following information.
The folks at SecurityFriday created the tool but it is no longer available from their site. However, tools can always be found at http://www.packetstormsecurity.org. I did a search for getacct but I’ll provide the direct link to the latest version of the tool below.
http://packetstormsecurity.org/NT/getacct003.zip