Hello, everyone. This is Dean, Pompey, Leo,
and we're gonna do a demo of a tool that is useful for
gathering and organizing your information
and giving you some options for generating reports
on that information.
These could be things like
your outputs from certain types of scans or
perhaps your your word list that you're generating for password cracking.
Maybe you want to attach some some files, too,
your your folder for a particular
And Dre just gives us a nice, nice tool to do this.
So first thing we'll do is
open up our Web browser and we'll go to the ER
Callie Tools website.
Well, look at our list of tools,
and if we scroll down
to the reporting tools we confined greatest here.
There are other options.
Feel free to explore these as as you wish.
But Dre, this is really easy to use, so we'll go ahead and try this one.
So this allows you to share the information,
and it's a self contained Web application. So lets you have a repositories that you can use for,
as I said, organizing and gathering all of your information.
So the first thing you need to do is start service
and then connect to the Web site on poor 3004.
The first time you connect, you'll be prompted to generate a password. I've already done that step, so you're not going to see that here.
But this is what the screen would look like.
All right, let's open up our command shell
takes couple seconds. All right, that's done.
Now let's go back to our Web browser.
Notice that it is as I sell.
So we'll go to our loop back address and pour 3004
so I'll go ahead and log in with the the the admin
user name and password that I created.
Okay, so we get a sample
that's created for for the default install,
and we can see we've got some areas here. We can add notes,
and we can add attachments. There's tabs along the bottom to do this
as you can explore the
the default information that was generated. What I'm gonna do is add a branch and a branch is just
a another folder, if you will,
let's let's actually call this
social engineering audit. Okay,
I've got my my branch that created just a folder to organize my information.
And the first thing I want to do is look at my no categories.
I've got HTML export possibilities. I've got the ability to export and word format.
I'm gonna go ahead and add a note,
So just a little sample there
and the preview shows you what it would look like once you, uh,
So save that Now that's created,
and I can have another note,
and these will just accumulate. And we've got a nice time. Stamp information here
can also import notes,
and so you'll pick a source and a few different formats are supported.
So med exploit ah, database format or from wiki or from a vulnerability database.
Depending on the kind of work you're doing,
this could be a really useful feature.
generate some filters.
For instance, I'll just pick this format
and I can look for ah, filter for a particular version of Wiki,
point this towards the director that you're searching for.
But in the case of the audit,
we can have a child,
So this means that I've got a sub folder.
And I wanted generate another folder for target number two.
Ah, you can even add
hosts if you want to, uh, use this level of detail.
And if, for instance, I might go to my my first target,
I don't have any notes generated for for this target,
but I could select an attachment.
And maybe I decide that there is a
file that I'd like to attach to this
particular audits. I'll go to a director, Rhino. I gots an interesting files.
for the Seif Chul earlier.
I'm gonna scroll down and find that folder.
And in this folder, I generated
list of words that I can use for a dictionary attack
so I can open that file now that out filed, that tax is attached to the target one folder.
So if you're organizing your information for your
you're you're sprawling social engineering audit,
this could make your life a lot easier.
It's always good to be organized,
avoid making mistakes.
For instance, you might be
information about it. Several different targets at a given organization, and you want to make sure you've got all the information straight. For each of those, you might have notes about
some of the targets, names or the names of their associates or the names of their
their management staff.
So keeping this information organized on a per folder basis
gives you a much better chance of avoiding making a mistake that will
will blow your cover, so to speak.
All right, so hope you enjoy the demo. Here. You can use this tool. Thio do some interesting things.
Let's look real quick
at our export options
so we can generate a report in word format
Have a look, a template.
If that was an option,
lips, you re select that
we have HT helm html export information.
So depending on what, there's no data here to really see right now, because I haven't really entered any
I shall have some information on this records. Let's see if we can
so you can generate through the export as a template or as a project.
as you'll see when you start using the tool
during the process of your audit, you'll have a differing requirements for how you want to organize the information on what's gonna be most useful for your personal style that you like Thio operate with
anyway. Very simple tool to use their simple to configure and pretty useful.
So go ahead and explored Greatest. And I'll see you in the next demo.