Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Vuln Scanning software choices

from [Richard Zaluski] Network Security [Permanent Link]
Subject: RE: Vuln Scanning software choices
Date: Sun, 19 Mar 2006 10:54:26 -0500 
While CORE and Metasploit are great products (iVOLUTION uses both in our
engagements) they are more on the Penetration side.  I would look at Retina
Network Security Scanner, ISS as well as SAINT (We also use SAINT)

In our engagements we always employ two automated scanners so that results
can be cross referenced to weed out potential false positives.


Richard Zaluski
CISO, Security and Infrastructure Services 
iVOLUTION  Technologies Incorporated
905.309.1911 Ext 600
866.601.4678 Ext 600
www.ivolution.ca
rzaluski@ivolution.ca

-----Original Message-----
From: bill.louis@gmail.com [mailto:bill.louis@gmail.com] On Behalf Of Alice
Bryson
Sent: Friday, March 17, 2006 7:02 AM
To: Tblinux
Cc: pen-test@securityfocus.com
Subject: Re: Vuln Scanning software choices

hi
    Core Impact and CANVAS are very good pen test tool.
    Metasploit is a free version of pen test tool, you could try it.

2005/11/11, Tblinux <TBLinux@covad.net>:

I know that most if not all of you use or have used Nessus at some
point. I've been following the thread. Now that it appears that Nessus
is seriously ratcheting down support for independent consultants and
corporate / gov't users without a registered and paid for license what
scanning software are you considering? Has anyone done a *complete*
comparison of all of the scanning software out there and made a choice
based on the findings? If so what was it?

I work for a fairly large company and the contract negotiations with
Tenable are going poorly and the company I work for is looking at the
options.

Any input would be greatly appreciated!!!!



----------------------------------------------------------------------------
--

Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers

are

futile against web application hacking. Check your website for

vulnerabilities

to SQL injection, Cross site scripting and other web attacks before

hackers do!

Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831


----------------------------------------------------------------------------
---






--
Homepage:http://www.lwang.org
We collect spam for research at:
mailto:abryson@bytefocus.com

----------------------------------------------------------------------------
--
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
As attacks through web applications continue to rise, you need to
proactively 
protect your applications from hackers. Cenzic has the most comprehensive 
solutions to meet your application security penetration testing and 
vulnerability management needs. You have an option to go with a managed 
service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm).

Download FREE whitepaper on how a managed service can help you: 
http://www.cenzic.com/forms/ec.php?pubid=10025
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request@cenzic.com
----------------------------------------------------------------------------
--




------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
As attacks through web applications continue to rise, you need to proactively 
protect your applications from hackers. Cenzic has the most comprehensive 
solutions to meet your application security penetration testing and 
vulnerability management needs. You have an option to go with a managed 
service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). 
Download FREE whitepaper on how a managed service can help you: 
http://www.cenzic.com/forms/ec.php?pubid=10025
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request@cenzic.com
------------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Re: Sniffing a windows domain authentication, jeremiah
Next by Date:  List of Microsoft superceded bulletins, HObbES
Previous by Thread:  Re: Vuln Scanning software choices, Alice Bryson
Next by Thread:  RE: Vuln Scanning software choices, Webster, Mark
Indexes:  [Date] [Thread] [Top] [All Lists]