Penetration Testing mailing list archives
RE: Commercial Exploit Tools
From: "sekhar" <vedantamsekhar () gmail com>
Date: Fri, 30 Sep 2011 23:00:08 +0000
Core Impact is another tool. It has client side exploitation as well. They claim that it has web attack capability but in reality it is useless... Sent from Mobile -----Original Message----- From: Neusbeer Sent: 01/10/2011 1:05:04 am To: Kent Blackwell; pen-test () securityfocus com Subject: Re: Commercial Exploit Tools immunitysec's canvas is one of the best I've heard. (to expensive for me so I only heard it, and a few vids of working with canvas) metasploit is second behind them with Rapid7 neXpose and their Framework. Nessus can be handy sometimes... Slaintz, Neusbeer Op 29-9-2011 20:42, Kent Blackwell schreef:
Greetings all, I work for a DoD organization as a penetration tester. We currently use a combination of open source tools and eEye Retina for our tests, however some excess cash in the budget has given us the opportunity to grab ourselves a commercial exploitation tool. Given that our distribution of choice is Backtrack 5 the most obvious choice was Metasploit Pro. I checked out the most recent list of exploit tools on seclists, but as the survey is hitting the five year mark I'd expect things have changed. A quick Google at some alternatives gave me a list of sponsored ads that I have zero trust in so I figured I'd probe the community here. My question is what commercial exploitation tools do you use and what's your opinion on them. I don't need a huge, detailed explanation of the tool, just an opinion and the name of the tool. Thanks in advance! -Kent ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------ ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Re: Commercial Exploit Tools HD Moore (Oct 01)
- <Possible follow-ups>
- RE: Commercial Exploit Tools sekhar (Oct 01)