Hello,
does anyone know, if Sophost blocks, deletes or put into quarantine penetration testing tools, like fuzzers, exploitation tools or remote access tools?
Thanks.
This thread was automatically locked due to age.
Hello,
does anyone know, if Sophost blocks, deletes or put into quarantine penetration testing tools, like fuzzers, exploitation tools or remote access tools?
Thanks.
Hi Jaroslav Rus,
In General, these tools might be detected under PUA but I would require more than
penetration testing tools, like fuzzers, exploitation tools or remote access tools
maybe a sample/File hash details would help me in giving a definitive statement on this.
Regards,
Gowtham Mani
Community Support Engineer | Sophos Technical Support
Knowledge Base | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'This helped me' link.
Hi Jaroslav Rus,
In General, these tools might be detected under PUA but I would require more than
penetration testing tools, like fuzzers, exploitation tools or remote access tools
maybe a sample/File hash details would help me in giving a definitive statement on this.
Regards,
Gowtham Mani
Community Support Engineer | Sophos Technical Support
Knowledge Base | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'This helped me' link.
Hello Gowtham Mani,
mostly I am concerned about:
1) PupyRAT github.com/.../pupy
2) TheFatRat github.com/.../TheFatRat
Which are use to maintain access during postexploitation phase of penetration testing.
Secondly about Metasploit and Immunity Canvas which I use for exploitation, both tools have backdoor templates along with either directory with exploits. For fuzzing I mostly use AFL, Peach and Mutiny. All are accessible on Github except Canvas.
Thanks for reply.