Penetration Testing mailing list archives
RE: [Dailydave] RE: Network Exploitation Tools aka ExploitationEngines
From: "Clement Dupuis" <cdupuis () cccure org>
Date: Sat, 4 Sep 2004 20:52:10 -0400
CANVAS is completely programmed in Python. You can no only look at the exploit but also the interface :-) As I have said in the past, core impact has more beautifying, more wrapping, and more people behind it supporting it but at the price that CANVAS is sold, you can definitively afford CANVAS and it does a great job. There were some stability issues with the earlier version of CANVAS but overall I have found that it was a great tool for what it is intended: PENTEST Core Impact has more features wrapped but you pay for these features such has having NMAP integrated etc... etc... One of the beef I had with core impact was the fact that it was tied to specific version of WinPcap and you were out of luck at time if you were running the latest version of NMAP with the latest version of Winpcap. Ask both vendors for a demo. See for yourself, try it yourself, that's probably the best way to find out which one better fill your needs. Clement
-----Original Message----- From: dailydave-bounces () lists immunitysec com [mailto:dailydave- bounces () lists immunitysec com] On Behalf Of Kurt Seifried Sent: Saturday, September 04, 2004 7:55 PM To: Clarke, Tyronne (Contractor); pen-test () securityfocus com; dailydave () lists immunitysec com Cc: focus-ms () securityfocus com Subject: Re: [Dailydave] RE: Network Exploitation Tools aka ExploitationEnginesBased upon experienced findings during live testing, which productprovidesyou with most clarity of comprehensive information( CANVAS or CORE Impact? ). You >mentioned CANVAS allows you to look under the hood and analyze the exploits but what about CORE Impact.Core impact uses Python for the exploits, so you can look under the hood quite easily so to speak. Kurt Seifried, kurt () seifried org A15B BEE5 B391 B9AD B0EF AEB0 AD63 0B4E AD56 E574 http://seifried.org/security/ _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://www.immunitysec.com/mailman/listinfo/dailydave
------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
Current thread:
- RE: Network Exploitation Tools aka Exploitation Engines Clarke, Tyronne (Contractor) (Sep 04)
- Re: [Dailydave] RE: Network Exploitation Tools aka Exploitation Engines Kurt Seifried (Sep 07)
- RE: [Dailydave] RE: Network Exploitation Tools aka ExploitationEngines Clement Dupuis (Sep 07)
- RE: [Dailydave] RE: Network Exploitation Tools aka ExploitationEngines Clement Dupuis (Sep 10)
- <Possible follow-ups>
- RE: Network Exploitation Tools aka Exploitation Engines Todd Towles (Sep 10)
- Re: [Dailydave] RE: Network Exploitation Tools aka Exploitation Engines Kurt Seifried (Sep 07)