Penetration testers, like the scouts of our youth, have to be prepared for anything they may encounter. This preparation takes time and as any pen-tester will tell you - a ton of tools.
VMware, Client for every databases & service, automated vulnerability scanners, fuzzers, web proxies, sniffers, etc. I could go on for days.
For maximize flexibility, pen-testers normally use laptops as their primary work computer. The large amount of programs and tools needed for a normal pen-test can tax a stock laptop in no time.
With this in mind, I will demonstrate a very simple technique of reducing the amount of running memory that is constantly consumed on a pen-test laptop.
In this example, I have created a couple of very simple batch files that help reduce the memory load used by the Windows version of Nessus.
RunNessus.bat
---------------------------------------
@ECHO OFF
net start "Tenable Nessus"
"C:\Program Files\Tenable\Nessus\NessusGUI.exe"
net stop "Tenable Nessus"
pause
---------------------------------------
UpdateNessus.bat
---------------------------------------
@ECHO OFF
net start "Tenable Nessus"
"C:\Program Files\Tenable\Nessus\updatecmd.exe"
net stop "Tenable Nessus"
pause
----------------------------------------
By using the above scripts, the Nessus service can be stopped and set to manual, therefore reducing the memory load on the laptop.
In my experience, I have noticed Nessusd taking up to 30,000 K of running memory after the plug-ins are loaded.
Just store this files somewhere and create shortcuts to them. You can even modify those newly created shortcuts.
This is a very simple example, but I hope it shows you the power of these simple batch files.
This technique is even more useful for applications that require SQL Express and other memory intense services to operate correctly.
No comments:
Post a Comment