Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Database pen-testing tools

from [Thor (Hammer of God)] Network Security [Permanent Link]
Subject: Re: Database pen-testing tools
Date: Fri, 18 May 2007 13:11:54 -0700
As leaders in database vulnerability research, NGS Software has some excellent audit and assessment tools available for database installations. You can check them out at:
www.ngssoftware.com

Word on the street is that some dude named "Tim Mullen" or some such just started working with them, and he seems to be a nice enough guy, so I'll go out on a limb and recommend NGS as well ;)

t

----- Original Message ----- From: "Erin Carroll" <amoeba@amoebazone.com>
To: <pen-test@securityfocus.com>
Sent: Friday, May 18, 2007 12:22 PM
Subject: Database pen-testing tools


List members,

Does anyone have some suggestions or experience with database-specific
pen-testing tools that you would recommend? I am by no stretch of the
imagination a DBA (I run at the first sign of the words "Relational
Database") so tools that don't require a large amount of DBA-ish background
to use to their full potential would be of particular interest.

The database testing market seems to be growing rapidly now and some
recommendations of tools to look at would be useful. I've played around with
NGSSquirrel, AppSec, have experience with some Oracle-specific tools of
course...and ran into a new player in the market (Securno) at InfoSec
Europe. Just wondering what other players are out there that are effective
or you've played with.


--
Erin Carroll
Moderator
SecurityFocus pen-test list
"Do Not Taunt Happy-Fun Ball"


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------





------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Legality of WEP Cracking, Richard Brinson
Next by Date:  Re: Legality of WEP Cracking, Tim Shea
Previous by Thread:  Re: Database pen-testing tools, iko tampan
Next by Thread:  Re: Database pen-testing tools, Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
Indexes:  [Date] [Thread] [Top] [All Lists]