For a penetration test, most checking procedures are standardized and routine. Don’t you ever get tired of typing nmap, Nessus, or Saint every single time you start a test? Does it still feel safe and rational to type ‘cd’ a thousand times to change directories while managing your projects? Even if you have proudly upgraded yourself and started using some funny GUI from Nexpose or Tenable, you will still suffer from managing them manually. Those automated tools are no longer helpful or customizable once you meet a standard crappy IPS that blocks typical scanning.
Manual assessment is your own value proposition, the thing that distinguishes you from others in terms of skills, knowledge and speed! But the term “manual” is often overused by companies. It doesn’t mean spending your time and effort typing ls and cd on the keyboard with your bloody hands; it means using your mental power to think of an alternate route to penetrate the system. Here is a handy script I wrote for myself to save time, run a penetration test in a more organized manner and help you focus on real hacking rather than typing.
With this script, you can create your client folder (if it does not exist) and make standard directories to store scanning results, findings, IP lists, etc. by just typing:
p.s. Yahoo is not my client, yet.
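A workspace scaffold of the kind described above, as an added example that is not the author's script: the function name `new_engagement`, the `PENTEST_ROOT` variable and the sub-directory names are assumptions. It validates the client name so it cannot escape the root, creates everything owner-only because engagement data is sensitive, and is safe to re-run on an existing client.

```shell
#!/bin/sh
# Added example: scaffold a per-client engagement workspace.
# PENTEST_ROOT, new_engagement and the directory names are assumptions.

PENTEST_ROOT="${PENTEST_ROOT:-$HOME/pentest}"

new_engagement() {
    client="$1"
    # Accept only simple names so the argument stays inside PENTEST_ROOT:
    # no slashes or other special characters, no leading dot or dash.
    case "$client" in
        ""|.*|-*|*[!A-Za-z0-9._-]*)
            echo "invalid client name: '$client'" >&2
            return 2 ;;
    esac

    base="$PENTEST_ROOT/$client"
    # Scan output and findings are client-confidential: owner-only modes.
    # The subshell keeps the umask change from leaking into the caller.
    (
        umask 077
        for d in scans findings notes evidence; do
            mkdir -p "$base/$d" || exit 1
        done
        # Target list: create if absent, never overwrite an existing one.
        [ -e "$base/ip_list.txt" ] || : > "$base/ip_list.txt"
    ) || return 1

    # Print the workspace path so the caller can cd into it.
    printf '%s\n' "$base"
}

# Usage (constructed client name):
#   cd "$(new_engagement acme)"
```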