When performing a penetration test, it is important to know when and what changed over a period of time. Administrators are typically overworked and will probably still need to get work completed while you are performing your testing. One method of ensuring that you are not playing on an ever-changing field is to grab a baseline of the network you are testing. PBNJ is very capable of this task. The website for scanPBNJ is located at http://pbnj.sourceforge.net. The key item of note about scanPBNJ
is that it uses nmap
to scan the network and then stores the results in a database for you along with timestamps of when the scan was performed. In a terminal window on Kali, enter the following:
# apt-get install pbnj
This will identify and then install the package. Once the installation is complete, the next step is to set the tool up. This will be done in the next chapter.