Network Exploitation Tool Fast-track Network Exploitation Tool
Overview Fast-Track is a Python-based penetration testing tool It automates many functions necessary to identify network exploits Included in Backtrack OS
Backtrack 5 A Linux distribution (Ubuntu-based) designed with penetration testing in mind Comes preinstalled with many different suites of tools, including Nmap Wireshark Fast-Track
Fast-Track Features Fast-track works as a front-end to the Metasploit Framework Works in four steps Choose an exploit (over 300 are included by default) Choose a payload (such as a command shell or VNC client) Encode the payload to avoid detection Execute exploit
Exploits Among the over 300 exploits available (Windows and Linux) Network exploits Database exploits (including Oracle, SQL Server, and PostgreSQL) Web application exploits Most exploits due to improper hardening techniques or unsanitized data
Types of Attacks Automated Mass Client-Side Attack Payload Generation
Payload Generator Assumes attacker has access to remote machine Allows testing of host hardening and intrusion detection software Provides Several Types of Payload: Spawn a command shell Start a VNC server Open a port on remote system
Payload Generator, cont. Provides several encoding procedures to test intrusion detection and antivirus Includes avoid_utf8_lower
Documentation Largely unclear and unavailable Best source is the docs for Metasploit itself Still, many of the available choices are difficult to find information about