Re: [PEN-TEST] Retina

[Steve <Steve () SECURESOLUTIONS ORG>]

Whisker is an excellent tool and the price is right.  You may want to also
check out VLAD from BindView RAZOR, http://razor.bindview.com

And while I am on the topic of BindView, for a good commercial product check
out HackerShield. I wrote some product reviews for www.ntsecurity.net on all
of the major scanning tools and if I had to compare them head to head, I
would go with HackerShield as my primary then back up the information with
multiple freeware tools.

Disclaimer:  at the time of my product reviews, I was truly an unbiased
third party.  Today, I cannot claim the same to be true.

Regards;

Steve Manzuik

"This email is my opinion, not my employers, clients or anyone I am
associated with"

> Some good non-commercial web scanners (available for
> free on the Net) include "whisker" a PERL based script
> by rainforest puppy (which does a good job on UNIX web
> servers), and GNIT (which does a good job on IIS/NT
> servers).

> I like to use at least some of the same tools that the
> web defacers out there are using, in addition to
> commercial tools. I think sometimes commercial tools
> lag, or don't seem to understand the significance of
> some vulnerable script, etc..