Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Vuln Scanning software choices

from [Webster, Mark] Network Security [Permanent Link]
Subject: RE: Vuln Scanning software choices
Date: Mon, 20 Mar 2006 09:29:11 -0500 
Don't' forget about Nessus.  Unfortunately it recently went closed
source.   

Mark Webster
Systems Engineer, A+, Net+, Sec+, MCSE+I, CCNP, CCDP, FCSE, CCSE, SCSA,
RHCSE, ISSSE
ITSS Dept, Northern Virginia Community College
Phone: 703-323-3374
Fax: 703-323-3796
Email: mwebster@nvcc.edu

"A belt only covers 2 inches of your butt, the rest you have to back up
on your own", Royce Gracie of Royce Gracie Jiu-Jitsu


-----Original Message-----
From: Richard Zaluski [mailto:rzaluski@ivolution.ca] 
Sent: Sunday, March 19, 2006 10:54 AM
To: 'Alice Bryson'; 'Tblinux'
Cc: pen-test@securityfocus.com
Subject: RE: Vuln Scanning software choices

While CORE and Metasploit are great products (iVOLUTION uses both in our
engagements) they are more on the Penetration side.  I would look at
Retina
Network Security Scanner, ISS as well as SAINT (We also use SAINT)

In our engagements we always employ two automated scanners so that
results
can be cross referenced to weed out potential false positives.


Richard Zaluski
CISO, Security and Infrastructure Services 
iVOLUTION  Technologies Incorporated
905.309.1911 Ext 600
866.601.4678 Ext 600
www.ivolution.ca
rzaluski@ivolution.ca

-----Original Message-----
From: bill.louis@gmail.com [mailto:bill.louis@gmail.com] On Behalf Of
Alice
Bryson
Sent: Friday, March 17, 2006 7:02 AM
To: Tblinux
Cc: pen-test@securityfocus.com
Subject: Re: Vuln Scanning software choices

hi
    Core Impact and CANVAS are very good pen test tool.
    Metasploit is a free version of pen test tool, you could try it.

2005/11/11, Tblinux <TBLinux@covad.net>:

I know that most if not all of you use or have used Nessus at some
point. I've been following the thread. Now that it appears that Nessus
is seriously ratcheting down support for independent consultants and
corporate / gov't users without a registered and paid for license what
scanning software are you considering? Has anyone done a *complete*
comparison of all of the scanning software out there and made a choice
based on the findings? If so what was it?

I work for a fairly large company and the contract negotiations with
Tenable are going poorly and the company I work for is looking at the
options.

Any input would be greatly appreciated!!!!



------------------------------------------------------------------------
----
--

Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on

your

website. Up to 75% of cyber attacks are launched on shopping carts,

forms,

login pages, dynamic content etc. Firewalls, SSL and locked-down

servers
are

futile against web application hacking. Check your website for

vulnerabilities

to SQL injection, Cross site scripting and other web attacks before

hackers do!

Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831


------------------------------------------------------------------------
----
---






--
Homepage:http://www.lwang.org
We collect spam for research at:
mailto:abryson@bytefocus.com

------------------------------------------------------------------------
----
--
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
As attacks through web applications continue to rise, you need to
proactively 
protect your applications from hackers. Cenzic has the most
comprehensive 
solutions to meet your application security penetration testing and 
vulnerability management needs. You have an option to go with a managed 
service (Cenzic ClickToSecure) or an enterprise software (Cenzic
Hailstorm).

Download FREE whitepaper on how a managed service can help you: 
http://www.cenzic.com/forms/ec.php?pubid=10025
And, now for a limited time we can do a FREE audit for you to confirm
your 
results from other product. Contact us at request@cenzic.com
------------------------------------------------------------------------
----
--




------------------------------------------------------------------------
------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
As attacks through web applications continue to rise, you need to
proactively 
protect your applications from hackers. Cenzic has the most
comprehensive 
solutions to meet your application security penetration testing and 
vulnerability management needs. You have an option to go with a managed 
service (Cenzic ClickToSecure) or an enterprise software (Cenzic
Hailstorm). 
Download FREE whitepaper on how a managed service can help you: 
http://www.cenzic.com/forms/ec.php?pubid=10025
And, now for a limited time we can do a FREE audit for you to confirm
your 
results from other product. Contact us at request@cenzic.com
------------------------------------------------------------------------
------


------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
As attacks through web applications continue to rise, you need to proactively 
protect your applications from hackers. Cenzic has the most comprehensive 
solutions to meet your application security penetration testing and 
vulnerability management needs. You have an option to go with a managed 
service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). 
Download FREE whitepaper on how a managed service can help you: 
http://www.cenzic.com/forms/ec.php?pubid=10025
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request@cenzic.com
------------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Metasploit encoding, H D Moore
Next by Date:  Whitepaper : VoIP Security - A layered approach, Frederic Charpentier
Previous by Thread:  RE: Vuln Scanning software choices, Richard Zaluski
Next by Thread:  pwdump6 Version 1.2 released, fizzgig
Indexes:  [Date] [Thread] [Top] [All Lists]