Pentesting tools, experiences with accessibility thereof

Chris Turner

3 Apr 2017 3 Apr '17

10:30 p.m.

HI all. I've been reading a couple of books on pentesting, IT security in generl, have a virtual test environment, using Kali linux. From an accessability PoV, asking for any tips / experiences / pitfalls with using some of the main tools mentioned in the reading material I've got. I'm a screen reader user and typically SSH into Kali from the Windows host. (espeakup is broken at the moment.) I know Berp Suite isn't accessible. How do you find Nessus? I've got it installed and tried a basic scan. I can't make much sense of the table of results or see how to get details. Maybe I'm misunderstanding it or missing a button with JAWS. I'm accessing it via Firefox. I'm fine at picking my way through learning the command line tools. Using metasploit framework, so far. I got into this as interested in networking and security. I suspect it might be one of those things I can only get so far with then be at a significant disadvantage due to accessability and speed. Well and my brain maybe too... :D Anyway thoughts welcome. Cheers. Chris Turner --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus

Show replies by date

Chris Nestrud

3 Apr 3 Apr

11:16 p.m.

Nessus is usable, but their UI is a little clunky. It's possible to export a report (scan history) as either html or csv which may be easier to work with. Check out Fiddler (https://www.telerik.com/download/fiddler) as an alternative to Berp Suite. Chris On Mon, Apr 03, 2017 at 11:30:51PM +0100, Chris Turner via Blind-sysadmins wrote:

...

HI all.

I've been reading a couple of books on pentesting, IT security in generl, have a virtual test environment, using Kali linux.

From an accessability PoV, asking for any tips / experiences / pitfalls with using some of the main tools mentioned in the reading material I've got. I'm a screen reader user and typically SSH into Kali from the Windows host. (espeakup is broken at the moment.)

I know Berp Suite isn't accessible.

How do you find Nessus? I've got it installed and tried a basic scan. I can't make much sense of the table of results or see how to get details. Maybe I'm misunderstanding it or missing a button with JAWS. I'm accessing it via Firefox.

I'm fine at picking my way through learning the command line tools. Using metasploit framework, so far. I got into this as interested in networking and security. I suspect it might be one of those things I can only get so far with then be at a significant disadvantage due to accessability and speed. Well and my brain maybe too... :D

Anyway thoughts welcome.

Cheers.

Chris Turner

--- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

Chris Turner

4 Apr 4 Apr

1:02 p.m.

Thanks will have a look. Regards Chris On 04/04/2017 00:16, Chris Nestrud wrote:

...

Nessus is usable, but their UI is a little clunky. It's possible to export a report (scan history) as either html or csv which may be easier to work with.

Check out Fiddler (https://www.telerik.com/download/fiddler) as an alternative to Berp Suite.

Chris

On Mon, Apr 03, 2017 at 11:30:51PM +0100, Chris Turner via Blind-sysadmins wrote:

...
HI all.

I've been reading a couple of books on pentesting, IT security in generl, have a virtual test environment, using Kali linux.

From an accessability PoV, asking for any tips / experiences / pitfalls with using some of the main tools mentioned in the reading material I've got. I'm a screen reader user and typically SSH into Kali from the Windows host. (espeakup is broken at the moment.)

I know Berp Suite isn't accessible.

How do you find Nessus? I've got it installed and tried a basic scan. I can't make much sense of the table of results or see how to get details. Maybe I'm misunderstanding it or missing a button with JAWS. I'm accessing it via Firefox.

I'm fine at picking my way through learning the command line tools. Using metasploit framework, so far. I got into this as interested in networking and security. I suspect it might be one of those things I can only get so far with then be at a significant disadvantage due to accessability and speed. Well and my brain maybe too... :D

Anyway thoughts welcome.

Cheers.

Chris Turner

--- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

--- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus

Mitchell Green

1:15 p.m.

...

HI all.

I've been reading a couple of books on pentesting, IT security in generl, have a virtual test environment, using Kali linux.

From an accessability PoV, asking for any tips / experiences / pitfalls with using some of the main tools mentioned in the reading material I've got. I'm a screen reader user and typically SSH into Kali from the Windows host. (espeakup is broken at the moment.)

I know Berp Suite isn't accessible.

How do you find Nessus? I've got it installed and tried a basic scan. I can't make much sense of the table of results or see how to get

It seems as if I post to a reply I think people can see my messages but if I post a regular message I get no replies. Can anyone help? Mitchell Green Information Technology Facilitator o | 402-614-3331 x226 c | 402-871-1063 f | 402-933-1616 mgreen@outlooknebraska.com 4125 S. 72nd Street | Omaha, NE 68127 NOTICE: The information contained in this e-mail transmission and any attachment is intended solely for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipients is prohibited. If you have received this communication in error, please contact the sender and destroy any copies of this document. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Chris Nestrud Sent: Monday, April 3, 2017 6:16 PM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof Nessus is usable, but their UI is a little clunky. It's possible to export a report (scan history) as either html or csv which may be easier to work with. Check out Fiddler (https://www.telerik.com/download/fiddler) as an alternative to Berp Suite. Chris On Mon, Apr 03, 2017 at 11:30:51PM +0100, Chris Turner via Blind-sysadmins wrote: details.

...

Maybe I'm misunderstanding it or missing a button with JAWS. I'm accessing it via Firefox.

I'm fine at picking my way through learning the command line tools. Using metasploit framework, so far. I got into this as interested in networking and security. I suspect it might be one of those things I can only get so far with then be at a significant disadvantage due to accessability and speed. Well and my brain maybe too... :D

Anyway thoughts welcome.

Cheers.

Chris Turner

--- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

Chris Turner

2:28 p.m.

Hi Mitchell. I know with Gmail, and guess maybe Outlook too, when I post to the list, I don't see my own messages. I obviously get the replies. It may just be no one's replied to your other post yet. Regards Chris On 04/04/2017 14:15, Mitchell Green wrote:

...

It seems as if I post to a reply I think people can see my messages but if I post a regular message I get no replies. Can anyone help?

Mitchell Green Information Technology Facilitator

o | 402-614-3331 x226 c | 402-871-1063 f | 402-933-1616 mgreen@outlooknebraska.com 4125 S. 72nd Street | Omaha, NE 68127

NOTICE: The information contained in this e-mail transmission and any attachment is intended solely for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipients is prohibited. If you have received this communication in error, please contact the sender and destroy any copies of this document.

-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Chris Nestrud Sent: Monday, April 3, 2017 6:16 PM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof

Nessus is usable, but their UI is a little clunky. It's possible to export a report (scan history) as either html or csv which may be easier to work with.

Check out Fiddler (https://www.telerik.com/download/fiddler) as an alternative to Berp Suite.

Chris

...
HI all.

I've been reading a couple of books on pentesting, IT security in generl, have a virtual test environment, using Kali linux.

From an accessability PoV, asking for any tips / experiences / pitfalls with using some of the main tools mentioned in the reading material I've got. I'm a screen reader user and typically SSH into Kali from the Windows host. (espeakup is broken at the moment.)

I know Berp Suite isn't accessible.

How do you find Nessus? I've got it installed and tried a basic scan. I can't make much sense of the table of results or see how to get

On Mon, Apr 03, 2017 at 11:30:51PM +0100, Chris Turner via Blind-sysadmins wrote: details.

...
Maybe I'm misunderstanding it or missing a button with JAWS. I'm accessing it via Firefox.

I'm fine at picking my way through learning the command line tools. Using metasploit framework, so far. I got into this as interested in networking and security. I suspect it might be one of those things I can only get so far with then be at a significant disadvantage due to accessability and speed. Well and my brain maybe too... :D

Anyway thoughts welcome.

Cheers.

Chris Turner

--- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

--- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus

Mitchell Green

3:31 p.m.

This could be however I have had several messages that ask if anyone can see my messages that I have sent over the last 7 days. Not a single reply. Anyway I hope that we can fix this. I am going to send one called "test from Mitchell" to see if anyone is seeing this. Mitchell Green Information Technology Facilitator o | 402-614-3331 x226 c | 402-871-1063 f | 402-933-1616 mgreen@outlooknebraska.com 4125 S. 72nd Street | Omaha, NE 68127 NOTICE: The information contained in this e-mail transmission and any attachment is intended solely for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipients is prohibited. If you have received this communication in error, please contact the sender and destroy any copies of this document. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Chris Turner via Blind-sysadmins Sent: Tuesday, April 4, 2017 9:28 AM To: Blind sysadmins list Cc: Chris Turner Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof Hi Mitchell. I know with Gmail, and guess maybe Outlook too, when I post to the list, I don't see my own messages. I obviously get the replies. It may just be no one's replied to your other post yet. Regards Chris On 04/04/2017 14:15, Mitchell Green wrote:

...

It seems as if I post to a reply I think people can see my messages but if I post a regular message I get no replies. Can anyone help?

Mitchell Green Information Technology Facilitator

o | 402-614-3331 x226 c | 402-871-1063 f | 402-933-1616 mgreen@outlooknebraska.com 4125 S. 72nd Street | Omaha, NE 68127

NOTICE: The information contained in this e-mail transmission and any attachment is intended solely for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipients is prohibited. If you have received this communication in error, please contact the sender and destroy any copies of this document.

-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Chris Nestrud Sent: Monday, April 3, 2017 6:16 PM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof

Nessus is usable, but their UI is a little clunky. It's possible to export a report (scan history) as either html or csv which may be easier to work with.

Check out Fiddler (https://www.telerik.com/download/fiddler) as an alternative to Berp Suite.

Chris

...
HI all.

I've been reading a couple of books on pentesting, IT security in generl, have a virtual test environment, using Kali linux.

From an accessability PoV, asking for any tips / experiences / pitfalls with using some of the main tools mentioned in the reading material I've got. I'm a screen reader user and typically SSH into Kali from the Windows host. (espeakup is broken at the moment.)

I know Berp Suite isn't accessible.

How do you find Nessus? I've got it installed and tried a basic scan. I can't make much sense of the table of results or see how to get

On Mon, Apr 03, 2017 at 11:30:51PM +0100, Chris Turner via Blind-sysadmins wrote: details.

...
Maybe I'm misunderstanding it or missing a button with JAWS. I'm accessing it via Firefox.

I'm fine at picking my way through learning the command line tools. Using metasploit framework, so far. I got into this as interested in networking and security. I suspect it might be one of those things I can only get so far with then be at a significant disadvantage due to accessability and speed. Well and my brain maybe too... :D

Anyway thoughts welcome.

Cheers.

Chris Turner

--- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

Mitchell Green

3:32 p.m.

Sent the test message at 10:32 Central time. Mitchell Green Information Technology Facilitator o | 402-614-3331 x226 c | 402-871-1063 f | 402-933-1616 mgreen@outlooknebraska.com 4125 S. 72nd Street | Omaha, NE 68127 NOTICE: The information contained in this e-mail transmission and any attachment is intended solely for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipients is prohibited. If you have received this communication in error, please contact the sender and destroy any copies of this document. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Chris Turner via Blind-sysadmins Sent: Tuesday, April 4, 2017 9:28 AM To: Blind sysadmins list Cc: Chris Turner Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof Hi Mitchell. I know with Gmail, and guess maybe Outlook too, when I post to the list, I don't see my own messages. I obviously get the replies. It may just be no one's replied to your other post yet. Regards Chris On 04/04/2017 14:15, Mitchell Green wrote:

...

It seems as if I post to a reply I think people can see my messages but if I post a regular message I get no replies. Can anyone help?

Mitchell Green Information Technology Facilitator

o | 402-614-3331 x226 c | 402-871-1063 f | 402-933-1616 mgreen@outlooknebraska.com 4125 S. 72nd Street | Omaha, NE 68127

NOTICE: The information contained in this e-mail transmission and any attachment is intended solely for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipients is prohibited. If you have received this communication in error, please contact the sender and destroy any copies of this document.

-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Chris Nestrud Sent: Monday, April 3, 2017 6:16 PM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof

Nessus is usable, but their UI is a little clunky. It's possible to export a report (scan history) as either html or csv which may be easier to work with.

Check out Fiddler (https://www.telerik.com/download/fiddler) as an alternative to Berp Suite.

Chris

...
HI all.

I've been reading a couple of books on pentesting, IT security in generl, have a virtual test environment, using Kali linux.

From an accessability PoV, asking for any tips / experiences / pitfalls with using some of the main tools mentioned in the reading material I've got. I'm a screen reader user and typically SSH into Kali from the Windows host. (espeakup is broken at the moment.)

I know Berp Suite isn't accessible.

How do you find Nessus? I've got it installed and tried a basic scan. I can't make much sense of the table of results or see how to get

On Mon, Apr 03, 2017 at 11:30:51PM +0100, Chris Turner via Blind-sysadmins wrote: details.

...
Maybe I'm misunderstanding it or missing a button with JAWS. I'm accessing it via Firefox.

I'm fine at picking my way through learning the command line tools. Using metasploit framework, so far. I got into this as interested in networking and security. I suspect it might be one of those things I can only get so far with then be at a significant disadvantage due to accessability and speed. Well and my brain maybe too... :D

Anyway thoughts welcome.

Cheers.

Chris Turner

--- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

Greg B.

4:06 p.m.

Mitchell, I have received your message. Greg B. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Mitchell Green Sent: Tuesday, April 4, 2017 11:33 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof Sent the test message at 10:32 Central time. Mitchell Green Information Technology Facilitator o | 402-614-3331 x226 c | 402-871-1063 f | 402-933-1616 mgreen@outlooknebraska.com 4125 S. 72nd Street | Omaha, NE 68127 NOTICE: The information contained in this e-mail transmission and any attachment is intended solely for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipients is prohibited. If you have received this communication in error, please contact the sender and destroy any copies of this document. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Chris Turner via Blind-sysadmins Sent: Tuesday, April 4, 2017 9:28 AM To: Blind sysadmins list Cc: Chris Turner Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof Hi Mitchell. I know with Gmail, and guess maybe Outlook too, when I post to the list, I don't see my own messages. I obviously get the replies. It may just be no one's replied to your other post yet. Regards Chris On 04/04/2017 14:15, Mitchell Green wrote:

...

It seems as if I post to a reply I think people can see my messages but if I post a regular message I get no replies. Can anyone help?

Mitchell Green Information Technology Facilitator

o | 402-614-3331 x226 c | 402-871-1063 f | 402-933-1616 mgreen@outlooknebraska.com 4125 S. 72nd Street | Omaha, NE 68127

NOTICE: The information contained in this e-mail transmission and any attachment is intended solely for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipients is prohibited. If you have received this communication in error, please contact the sender and destroy any copies of this document.

-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Chris Nestrud Sent: Monday, April 3, 2017 6:16 PM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof

Nessus is usable, but their UI is a little clunky. It's possible to export a report (scan history) as either html or csv which may be easier to work with.

Check out Fiddler (https://www.telerik.com/download/fiddler) as an alternative to Berp Suite.

Chris

...
HI all.

I've been reading a couple of books on pentesting, IT security in generl, have a virtual test environment, using Kali linux.

From an accessability PoV, asking for any tips / experiences / pitfalls with using some of the main tools mentioned in the reading material I've got. I'm a screen reader user and typically SSH into Kali from the Windows host. (espeakup is broken at the moment.)

I know Berp Suite isn't accessible.

How do you find Nessus? I've got it installed and tried a basic scan. I can't make much sense of the table of results or see how to get

On Mon, Apr 03, 2017 at 11:30:51PM +0100, Chris Turner via Blind-sysadmins wrote: details.

...
Maybe I'm misunderstanding it or missing a button with JAWS. I'm accessing it via Firefox.

I'm fine at picking my way through learning the command line tools. Using metasploit framework, so far. I got into this as interested in networking and security. I suspect it might be one of those things I can only get so far with then be at a significant disadvantage due to accessability and speed. Well and my brain maybe too... :D

Anyway thoughts welcome.

Cheers.

Chris Turner

--- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

Mitchell Green

4:09 p.m.

Which one. The one with "test from Mitchell" in the subject or the one that I have been replying to with the subject of this message? The one that is entitled with the subject "test from Mitchell" is the brand new one. It seems as if I can reply to a message but not send one. Mitchell Green Information Technology Facilitator o | 402-614-3331 x226 c | 402-871-1063 f | 402-933-1616 mgreen@outlooknebraska.com 4125 S. 72nd Street | Omaha, NE 68127 NOTICE: The information contained in this e-mail transmission and any attachment is intended solely for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipients is prohibited. If you have received this communication in error, please contact the sender and destroy any copies of this document. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Greg B. Sent: Tuesday, April 4, 2017 11:07 AM To: 'Blind sysadmins list' Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof Mitchell, I have received your message. Greg B. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Mitchell Green Sent: Tuesday, April 4, 2017 11:33 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof Sent the test message at 10:32 Central time. Mitchell Green Information Technology Facilitator o | 402-614-3331 x226 c | 402-871-1063 f | 402-933-1616 mgreen@outlooknebraska.com 4125 S. 72nd Street | Omaha, NE 68127 NOTICE: The information contained in this e-mail transmission and any attachment is intended solely for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipients is prohibited. If you have received this communication in error, please contact the sender and destroy any copies of this document. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Chris Turner via Blind-sysadmins Sent: Tuesday, April 4, 2017 9:28 AM To: Blind sysadmins list Cc: Chris Turner Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof Hi Mitchell. I know with Gmail, and guess maybe Outlook too, when I post to the list, I don't see my own messages. I obviously get the replies. It may just be no one's replied to your other post yet. Regards Chris On 04/04/2017 14:15, Mitchell Green wrote:

...

It seems as if I post to a reply I think people can see my messages but if I post a regular message I get no replies. Can anyone help?

Mitchell Green Information Technology Facilitator

o | 402-614-3331 x226 c | 402-871-1063 f | 402-933-1616 mgreen@outlooknebraska.com 4125 S. 72nd Street | Omaha, NE 68127

NOTICE: The information contained in this e-mail transmission and any attachment is intended solely for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipients is prohibited. If you have received this communication in error, please contact the sender and destroy any copies of this document.

-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Chris Nestrud Sent: Monday, April 3, 2017 6:16 PM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof

Nessus is usable, but their UI is a little clunky. It's possible to export a report (scan history) as either html or csv which may be easier to work with.

Check out Fiddler (https://www.telerik.com/download/fiddler) as an alternative to Berp Suite.

Chris

...
HI all.

I've been reading a couple of books on pentesting, IT security in generl, have a virtual test environment, using Kali linux.

From an accessability PoV, asking for any tips / experiences / pitfalls with using some of the main tools mentioned in the reading material I've got. I'm a screen reader user and typically SSH into Kali from the Windows host. (espeakup is broken at the moment.)

I know Berp Suite isn't accessible.

How do you find Nessus? I've got it installed and tried a basic scan. I can't make much sense of the table of results or see how to get

On Mon, Apr 03, 2017 at 11:30:51PM +0100, Chris Turner via Blind-sysadmins wrote: details.

...
Maybe I'm misunderstanding it or missing a button with JAWS. I'm accessing it via Firefox.

I'm fine at picking my way through learning the command line tools. Using metasploit framework, so far. I got into this as interested in networking and security. I suspect it might be one of those things I can only get so far with then be at a significant disadvantage due to accessability and speed. Well and my brain maybe too... :D

Anyway thoughts welcome.

Cheers.

Chris Turner

--- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

Greg B.

4:15 p.m.

Mitchell, The one that I responded to was titled pentesting tools. Greg B. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Mitchell Green Sent: Tuesday, April 4, 2017 12:10 PM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof Which one. The one with "test from Mitchell" in the subject or the one that I have been replying to with the subject of this message? The one that is entitled with the subject "test from Mitchell" is the brand new one. It seems as if I can reply to a message but not send one. Mitchell Green Information Technology Facilitator o | 402-614-3331 x226 c | 402-871-1063 f | 402-933-1616 mgreen@outlooknebraska.com 4125 S. 72nd Street | Omaha, NE 68127 NOTICE: The information contained in this e-mail transmission and any attachment is intended solely for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipients is prohibited. If you have received this communication in error, please contact the sender and destroy any copies of this document. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Greg B. Sent: Tuesday, April 4, 2017 11:07 AM To: 'Blind sysadmins list' Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof Mitchell, I have received your message. Greg B. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Mitchell Green Sent: Tuesday, April 4, 2017 11:33 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof Sent the test message at 10:32 Central time. Mitchell Green Information Technology Facilitator o | 402-614-3331 x226 c | 402-871-1063 f | 402-933-1616 mgreen@outlooknebraska.com 4125 S. 72nd Street | Omaha, NE 68127 NOTICE: The information contained in this e-mail transmission and any attachment is intended solely for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipients is prohibited. If you have received this communication in error, please contact the sender and destroy any copies of this document. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Chris Turner via Blind-sysadmins Sent: Tuesday, April 4, 2017 9:28 AM To: Blind sysadmins list Cc: Chris Turner Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof Hi Mitchell. I know with Gmail, and guess maybe Outlook too, when I post to the list, I don't see my own messages. I obviously get the replies. It may just be no one's replied to your other post yet. Regards Chris On 04/04/2017 14:15, Mitchell Green wrote:

...

It seems as if I post to a reply I think people can see my messages but if I post a regular message I get no replies. Can anyone help?

Mitchell Green Information Technology Facilitator

o | 402-614-3331 x226 c | 402-871-1063 f | 402-933-1616 mgreen@outlooknebraska.com 4125 S. 72nd Street | Omaha, NE 68127

NOTICE: The information contained in this e-mail transmission and any attachment is intended solely for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipients is prohibited. If you have received this communication in error, please contact the sender and destroy any copies of this document.

-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Chris Nestrud Sent: Monday, April 3, 2017 6:16 PM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof

Nessus is usable, but their UI is a little clunky. It's possible to export a report (scan history) as either html or csv which may be easier to work with.

Check out Fiddler (https://www.telerik.com/download/fiddler) as an alternative to Berp Suite.

Chris

...
HI all.

I've been reading a couple of books on pentesting, IT security in generl, have a virtual test environment, using Kali linux.

From an accessability PoV, asking for any tips / experiences / pitfalls with using some of the main tools mentioned in the reading material I've got. I'm a screen reader user and typically SSH into Kali from the Windows host. (espeakup is broken at the moment.)

I know Berp Suite isn't accessible.

How do you find Nessus? I've got it installed and tried a basic scan. I can't make much sense of the table of results or see how to get

On Mon, Apr 03, 2017 at 11:30:51PM +0100, Chris Turner via Blind-sysadmins wrote: details.

...
Maybe I'm misunderstanding it or missing a button with JAWS. I'm accessing it via Firefox.

I'm fine at picking my way through learning the command line tools. Using metasploit framework, so far. I got into this as interested in networking and security. I suspect it might be one of those things I can only get so far with then be at a significant disadvantage due to accessability and speed. Well and my brain maybe too... :D

Anyway thoughts welcome.

Cheers.

Chris Turner

--- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

--- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

Mitchell Green

4:17 p.m.

Understood. I am really not sure why the others are not going through. Mitchell Green Information Technology Facilitator o | 402-614-3331 x226 c | 402-871-1063 f | 402-933-1616 mgreen@outlooknebraska.com 4125 S. 72nd Street | Omaha, NE 68127 NOTICE: The information contained in this e-mail transmission and any attachment is intended solely for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipients is prohibited. If you have received this communication in error, please contact the sender and destroy any copies of this document. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Greg B. Sent: Tuesday, April 4, 2017 11:16 AM To: 'Blind sysadmins list' Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof Mitchell, The one that I responded to was titled pentesting tools. Greg B. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Mitchell Green Sent: Tuesday, April 4, 2017 12:10 PM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof Which one. The one with "test from Mitchell" in the subject or the one that I have been replying to with the subject of this message? The one that is entitled with the subject "test from Mitchell" is the brand new one. It seems as if I can reply to a message but not send one. Mitchell Green Information Technology Facilitator o | 402-614-3331 x226 c | 402-871-1063 f | 402-933-1616 mgreen@outlooknebraska.com 4125 S. 72nd Street | Omaha, NE 68127 NOTICE: The information contained in this e-mail transmission and any attachment is intended solely for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipients is prohibited. If you have received this communication in error, please contact the sender and destroy any copies of this document. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Greg B. Sent: Tuesday, April 4, 2017 11:07 AM To: 'Blind sysadmins list' Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof Mitchell, I have received your message. Greg B. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Mitchell Green Sent: Tuesday, April 4, 2017 11:33 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof Sent the test message at 10:32 Central time. Mitchell Green Information Technology Facilitator o | 402-614-3331 x226 c | 402-871-1063 f | 402-933-1616 mgreen@outlooknebraska.com 4125 S. 72nd Street | Omaha, NE 68127 NOTICE: The information contained in this e-mail transmission and any attachment is intended solely for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipients is prohibited. If you have received this communication in error, please contact the sender and destroy any copies of this document. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Chris Turner via Blind-sysadmins Sent: Tuesday, April 4, 2017 9:28 AM To: Blind sysadmins list Cc: Chris Turner Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof Hi Mitchell. I know with Gmail, and guess maybe Outlook too, when I post to the list, I don't see my own messages. I obviously get the replies. It may just be no one's replied to your other post yet. Regards Chris On 04/04/2017 14:15, Mitchell Green wrote:

...

It seems as if I post to a reply I think people can see my messages but if I post a regular message I get no replies. Can anyone help?

Mitchell Green Information Technology Facilitator

o | 402-614-3331 x226 c | 402-871-1063 f | 402-933-1616 mgreen@outlooknebraska.com 4125 S. 72nd Street | Omaha, NE 68127

NOTICE: The information contained in this e-mail transmission and any attachment is intended solely for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipients is prohibited. If you have received this communication in error, please contact the sender and destroy any copies of this document.

-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Chris Nestrud Sent: Monday, April 3, 2017 6:16 PM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof

Nessus is usable, but their UI is a little clunky. It's possible to export a report (scan history) as either html or csv which may be easier to work with.

Check out Fiddler (https://www.telerik.com/download/fiddler) as an alternative to Berp Suite.

Chris

...
HI all.

I've been reading a couple of books on pentesting, IT security in generl, have a virtual test environment, using Kali linux.

From an accessability PoV, asking for any tips / experiences / pitfalls with using some of the main tools mentioned in the reading material I've got. I'm a screen reader user and typically SSH into Kali from the Windows host. (espeakup is broken at the moment.)

I know Berp Suite isn't accessible.

How do you find Nessus? I've got it installed and tried a basic scan. I can't make much sense of the table of results or see how to get

On Mon, Apr 03, 2017 at 11:30:51PM +0100, Chris Turner via Blind-sysadmins wrote: details.

...
Maybe I'm misunderstanding it or missing a button with JAWS. I'm accessing it via Firefox.

I'm fine at picking my way through learning the command line tools. Using metasploit framework, so far. I got into this as interested in networking and security. I suspect it might be one of those things I can only get so far with then be at a significant disadvantage due to accessability and speed. Well and my brain maybe too... :D

Anyway thoughts welcome.

Cheers.

Chris Turner

--- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

Andrew Hodgson

2:44 p.m.

...

HI all.

I've been reading a couple of books on pentesting, IT security in generl, have a virtual test environment, using Kali linux.

From an accessability PoV, asking for any tips / experiences / pitfalls with using some of the main tools mentioned in the reading material I've got. I'm a screen reader user and typically SSH into Kali from the Windows host. (espeakup is broken at the moment.)

I know Berp Suite isn't accessible.

How do you find Nessus? I've got it installed and tried a basic scan. I can't make much sense of the table of results or see how to get

Hi, Sorry if I misunderstood you but are you saying you aren't getting replies to emails you send to this list? Do you get this reply? Thanks. Andrew. ________________________________________ From: Blind-sysadmins [blind-sysadmins-bounces@lists.hodgsonfamily.org] on behalf of Mitchell Green [mgreen@outlooknebraska.com] Sent: 04 April 2017 14:15 To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof It seems as if I post to a reply I think people can see my messages but if I post a regular message I get no replies. Can anyone help? Mitchell Green Information Technology Facilitator o | 402-614-3331 x226 c | 402-871-1063 f | 402-933-1616 mgreen@outlooknebraska.com 4125 S. 72nd Street | Omaha, NE 68127 NOTICE: The information contained in this e-mail transmission and any attachment is intended solely for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipients is prohibited. If you have received this communication in error, please contact the sender and destroy any copies of this document. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Chris Nestrud Sent: Monday, April 3, 2017 6:16 PM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof Nessus is usable, but their UI is a little clunky. It's possible to export a report (scan history) as either html or csv which may be easier to work with. Check out Fiddler (https://www.telerik.com/download/fiddler) as an alternative to Berp Suite. Chris On Mon, Apr 03, 2017 at 11:30:51PM +0100, Chris Turner via Blind-sysadmins wrote: details.

...

Maybe I'm misunderstanding it or missing a button with JAWS. I'm accessing it via Firefox.

I'm fine at picking my way through learning the command line tools. Using metasploit framework, so far. I got into this as interested in networking and security. I suspect it might be one of those things I can only get so far with then be at a significant disadvantage due to accessability and speed. Well and my brain maybe too... :D

Anyway thoughts welcome.

Cheers.

Chris Turner

--- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

Andrew Hodgson

2:44 p.m.

...

HI all.

I've been reading a couple of books on pentesting, IT security in generl, have a virtual test environment, using Kali linux.

From an accessability PoV, asking for any tips / experiences / pitfalls with using some of the main tools mentioned in the reading material I've got. I'm a screen reader user and typically SSH into Kali from the Windows host. (espeakup is broken at the moment.)

I know Berp Suite isn't accessible.

How do you find Nessus? I've got it installed and tried a basic scan. I can't make much sense of the table of results or see how to get

...

Maybe I'm misunderstanding it or missing a button with JAWS. I'm accessing it via Firefox.

I'm fine at picking my way through learning the command line tools. Using metasploit framework, so far. I got into this as interested in networking and security. I suspect it might be one of those things I can only get so far with then be at a significant disadvantage due to accessability and speed. Well and my brain maybe too... :D

Anyway thoughts welcome.

Cheers.

Chris Turner

--- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

Mitchell Green

2:59 p.m.

...

HI all.

I've been reading a couple of books on pentesting, IT security in generl, have a virtual test environment, using Kali linux.

From an accessability PoV, asking for any tips / experiences / pitfalls with using some of the main tools mentioned in the reading material I've got. I'm a screen reader user and typically SSH into Kali from the Windows host. (espeakup is broken at the moment.)

I know Berp Suite isn't accessible.

How do you find Nessus? I've got it installed and tried a basic scan. I can't make much sense of the table of results or see how to get

Yes. I got this reply but I have sent several messages including a few test ones that have received no replies. Mitchell Green Information Technology Facilitator o | 402-614-3331 x226 c | 402-871-1063 f | 402-933-1616 mgreen@outlooknebraska.com 4125 S. 72nd Street | Omaha, NE 68127 NOTICE: The information contained in this e-mail transmission and any attachment is intended solely for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipients is prohibited. If you have received this communication in error, please contact the sender and destroy any copies of this document. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Andrew Hodgson Sent: Tuesday, April 4, 2017 9:44 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof Hi, Sorry if I misunderstood you but are you saying you aren't getting replies to emails you send to this list? Do you get this reply? Thanks. Andrew. ________________________________________ From: Blind-sysadmins [blind-sysadmins-bounces@lists.hodgsonfamily.org] on behalf of Mitchell Green [mgreen@outlooknebraska.com] Sent: 04 April 2017 14:15 To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof It seems as if I post to a reply I think people can see my messages but if I post a regular message I get no replies. Can anyone help? Mitchell Green Information Technology Facilitator o | 402-614-3331 x226 c | 402-871-1063 f | 402-933-1616 mgreen@outlooknebraska.com 4125 S. 72nd Street | Omaha, NE 68127 NOTICE: The information contained in this e-mail transmission and any attachment is intended solely for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipients is prohibited. If you have received this communication in error, please contact the sender and destroy any copies of this document. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Chris Nestrud Sent: Monday, April 3, 2017 6:16 PM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof Nessus is usable, but their UI is a little clunky. It's possible to export a report (scan history) as either html or csv which may be easier to work with. Check out Fiddler (https://www.telerik.com/download/fiddler) as an alternative to Berp Suite. Chris On Mon, Apr 03, 2017 at 11:30:51PM +0100, Chris Turner via Blind-sysadmins wrote: details.

...

Maybe I'm misunderstanding it or missing a button with JAWS. I'm accessing it via Firefox.

I'm fine at picking my way through learning the command line tools. Using metasploit framework, so far. I got into this as interested in networking and security. I suspect it might be one of those things I can only get so far with then be at a significant disadvantage due to accessability and speed. Well and my brain maybe too... :D

Anyway thoughts welcome.

Cheers.

Chris Turner

--- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

Donnacha McCarthy

2 May 2 May

9:17 a.m.

Hi Chris, IT ssecurity is an area I'm highly interested in as well and undertook a M.Sc in Forensic Computing a few years ago. Unfortunately from my experience it is one of those areas that you're extremely limited in as a blind/VI computer user. There is so far you can get with CLI tools but to do any advanced pen testing you primarily need to use tools like burp which automate a lot of the hard work and many of these tools are just completely inaccessible with a screenreader. Unless you're a good programmer you can also just write your own scripts to perform similar functionality. I admit that it's been a while since I was seriously involved in this area so things might have changed... I'm open to contradiction! Chris, if you would like to contact me off-list I can share some resources I found useful during my post graduate course that might help you along! cheers, Donnacha. On 4/3/17, Chris Turner via Blind-sysadmins wrote:

...

HI all.

I've been reading a couple of books on pentesting, IT security in generl, have a virtual test environment, using Kali linux.

From an accessability PoV, asking for any tips / experiences / pitfalls with using some of the main tools mentioned in the reading material I've got. I'm a screen reader user and typically SSH into Kali from the Windows host. (espeakup is broken at the moment.)

I know Berp Suite isn't accessible.

How do you find Nessus? I've got it installed and tried a basic scan. I can't make much sense of the table of results or see how to get details. Maybe I'm misunderstanding it or missing a button with JAWS. I'm accessing it via Firefox.

I'm fine at picking my way through learning the command line tools. Using metasploit framework, so far. I got into this as interested in networking and security. I suspect it might be one of those things I can only get so far with then be at a significant disadvantage due to accessability and speed. Well and my brain maybe too... :D

Anyway thoughts welcome.

Cheers.

Chris Turner

--- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

-- Donnacha McCarthy +353879038698

Chris Nestrud

12:20 p.m.

I would be interested in your findings. Have you considered Fiddler at www.telerik.com/fiddler as an alternative to Berp Suite? Chris On Tue, May 02, 2017 at 10:17:13AM +0100, Donnacha McCarthy wrote:

...

Hi Chris,

IT ssecurity is an area I'm highly interested in as well and undertook a M.Sc in Forensic Computing a few years ago.

Unfortunately from my experience it is one of those areas that you're extremely limited in as a blind/VI computer user.

There is so far you can get with CLI tools but to do any advanced pen testing you primarily need to use tools like burp which automate a lot of the hard work and many of these tools are just completely inaccessible with a screenreader.

Unless you're a good programmer you can also just write your own scripts to perform similar functionality.

I admit that it's been a while since I was seriously involved in this area so things might have changed... I'm open to contradiction!

Chris, if you would like to contact me off-list I can share some resources I found useful during my post graduate course that might help you along!

cheers, Donnacha.

On 4/3/17, Chris Turner via Blind-sysadmins wrote:

...
HI all.

I've been reading a couple of books on pentesting, IT security in generl, have a virtual test environment, using Kali linux.

From an accessability PoV, asking for any tips / experiences / pitfalls with using some of the main tools mentioned in the reading material I've got. I'm a screen reader user and typically SSH into Kali from the Windows host. (espeakup is broken at the moment.)

I know Berp Suite isn't accessible.

How do you find Nessus? I've got it installed and tried a basic scan. I can't make much sense of the table of results or see how to get details. Maybe I'm misunderstanding it or missing a button with JAWS. I'm accessing it via Firefox.

I'm fine at picking my way through learning the command line tools. Using metasploit framework, so far. I got into this as interested in networking and security. I suspect it might be one of those things I can only get so far with then be at a significant disadvantage due to accessability and speed. Well and my brain maybe too... :D

Anyway thoughts welcome.

Cheers.

Chris Turner

--- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

-- Donnacha McCarthy

+353879038698

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

Katherine M. Moss

12:29 p.m.

Now that one, I can tell with certainty that it's accessible last time I checked. There is also a powerShell module that is sort of like metasploit or plugs into it, though my brain is farting on the details at the moment ... -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Chris Nestrud Sent: Tuesday, May 02, 2017 8:21 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Pentesting tools, experiences with accessibility thereof I would be interested in your findings. Have you considered Fiddler at www.telerik.com/fiddler as an alternative to Berp Suite? Chris On Tue, May 02, 2017 at 10:17:13AM +0100, Donnacha McCarthy wrote:

...

Hi Chris,

IT ssecurity is an area I'm highly interested in as well and undertook a M.Sc in Forensic Computing a few years ago.

Unfortunately from my experience it is one of those areas that you're extremely limited in as a blind/VI computer user.

There is so far you can get with CLI tools but to do any advanced pen testing you primarily need to use tools like burp which automate a lot of the hard work and many of these tools are just completely inaccessible with a screenreader.

Unless you're a good programmer you can also just write your own scripts to perform similar functionality.

I admit that it's been a while since I was seriously involved in this area so things might have changed... I'm open to contradiction!

Chris, if you would like to contact me off-list I can share some resources I found useful during my post graduate course that might help you along!

cheers, Donnacha.

On 4/3/17, Chris Turner via Blind-sysadmins wrote:

...
HI all.

I've been reading a couple of books on pentesting, IT security in generl, have a virtual test environment, using Kali linux.

From an accessability PoV, asking for any tips / experiences / pitfalls with using some of the main tools mentioned in the reading material I've got. I'm a screen reader user and typically SSH into Kali from the Windows host. (espeakup is broken at the moment.)

I know Berp Suite isn't accessible.

How do you find Nessus? I've got it installed and tried a basic scan. I can't make much sense of the table of results or see how to get details. Maybe I'm misunderstanding it or missing a button with JAWS. I'm accessing it via Firefox.

I'm fine at picking my way through learning the command line tools. Using metasploit framework, so far. I got into this as interested in networking and security. I suspect it might be one of those things I can only get so far with then be at a significant disadvantage due to accessability and speed. Well and my brain maybe too... :D

Anyway thoughts welcome.

Cheers.

Chris Turner

--- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

-- Donnacha McCarthy

+353879038698

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

Donnacha McCarthy

9:17 a.m.

...

HI all.

I've been reading a couple of books on pentesting, IT security in generl, have a virtual test environment, using Kali linux.

From an accessability PoV, asking for any tips / experiences / pitfalls with using some of the main tools mentioned in the reading material I've got. I'm a screen reader user and typically SSH into Kali from the Windows host. (espeakup is broken at the moment.)

I know Berp Suite isn't accessible.

How do you find Nessus? I've got it installed and tried a basic scan. I can't make much sense of the table of results or see how to get details. Maybe I'm misunderstanding it or missing a button with JAWS. I'm accessing it via Firefox.

I'm fine at picking my way through learning the command line tools. Using metasploit framework, so far. I got into this as interested in networking and security. I suspect it might be one of those things I can only get so far with then be at a significant disadvantage due to accessability and speed. Well and my brain maybe too... :D

Anyway thoughts welcome.

Cheers.

Chris Turner

--- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

-- Donnacha McCarthy +353879038698

2694

Age (days ago)

2723

Last active (days ago)

List overview

Download

17 comments

7 participants

participants (7)

Andrew Hodgson
Chris Nestrud
Chris Turner
Donnacha McCarthy
Greg B.
Katherine M. Moss
Mitchell Green

Pentesting tools, experiences with accessibility thereof

tags

participants (7)