This page documents how to use the run_test API from your own home-brew yaptest scripts.  

Version 0.0.9 of yaptest introduced yaptest-issues.pl.  This script is responsible for storing associations between hosts and security issues that you (or yaptest) have identified (e.g. 10.0.0.1 has the “telnet -fuser” vulnerability). This page illustrates how to use yaptest-issues.pl.

As of version 0.0.7 yaptest is able to store arbitrary information about hosts.  This is particularly useful on large tests.  This page provides a few examples of how to use the yaptest-host-info.pl script.

As of yaptest v0.0.7 it is possible to interrupt scans and resume them later without duplicating lots of the scanning you’ve already completed.  This feature is intended primarily for multi-day pentests where you need to stop your scan at the end of each day, then resume where you left off the next morning. This page […]

Some users commented that the creation of new tests (i.e. databases and “test area”) was unnecessarily difficult.  Version 0.0.5 of yaptest now includes a interactive Wizard, yaptest-wizard.pl that takes users step by step through setting up a new test.  The old method using yaptest-new.pl and yaptest-new-test-area.pl is still supported. Thanks to all those who have […]

During larger pentests, it’s quite possible you’ll acquire logon credentials for tens, hundreds or even thousands of systems.  After a while it becomes hard to track which systems you know usernames for, which ones you’ve got passwords for, etc.  Yaptest can help you keep track of all your logon credentials.  Here are some of its […]

Some notes on how to actually use yaptest…