RIPT 1 – Background

RIPT stands for Remote Internal Penetration Test. The following posts document the development of a small, cheap, reliable, and secure device for sending to clients when an onsite presence is not possible.

Our goal as a security organization is to become trusted advisors to our clients. Such a relationship is typically built on extended direct contact so “sending a box” has never been our modus operandi. As vulnerability assessment and penetration testing services become more and more commoditized, though, price becomes the discriminator that wins the bid. Many of our competitors have already moved to remote testing, which lowers costs by eliminating travel. We can’t become a trusted advisor if we can’t get the initial business.

For one-off engagements with existing clients we had a solution where we sent a pre-configured laptop that would SSH back to our lab. This worked, but was not optimal. Laptops are not robust items to send around the world for one, and many clients limit what types of connections are allowed out of their environment.

The RIPT scanner is not meant to be a replacement for an onsite engagement or for other commercially available solutions.

RIPT 1 – Background –
RIPT 2 – Requirements –
RIPT 3 – High Level Overview –
RIPT 4 – RIPT Relay (Basics) –
RIPT 5 – RIPT Relay (SSH over SSL/TLS) –
RIPT 6 – RIPT Relay (SSH) –
RIPT 7 – RIPT Server (Install Kali) –
RIPT 8 – RIPT Server (Safe Boot) –
RIPT 9 – RIPT Server (USB Key) –
RIPT 10 – RIPT Server (SSH) –
RIPT 11 – RIPT Server (VNC) –
RIPT 12 – RIPT Server (HTTP Proxy / Squid) –
RIPT 13 – RIPT Server (SSH Tunnels) –
RIPT 14 – RIPT Server (Tunnels as a Service) –
RIPT 15 – RIPT Server (Boot Parameters) –
RIPT 16 – RIPT Server (Logging) –
RIPT 17 – RIPT Server (Hardening) –
RIPT 18 – RIPT Client (Windows) –
RIPT 19 – RIPT Client (Linux) –
RIPT 20 – RIPT Client (SSH/VNC/HTTP Proxy/SOCKS Proxy) –
RIPT 21 – Errata –


Leave a Reply

Your email address will not be published. Required fields are marked *