Penetration Testing mailing list archives

RE: New Tools

From: "William Bell" <williamb () cwie net>
Date: Fri, 11 Aug 2006 06:27:14 -0700

If you have the deep pockets to support it, I highly recommend the CORE
Impact product. The current product is good and revision 6 due soon,
promises to do even better. For a high-skill shop, you can get as custom as
you want, including writing your own exploits in python, leveraging their
code to assist you. The cost will scare a lot of people away, but I suggest
you look at the product carefully and you can find a way to make it cost
effective. The unfortunate part is if you want to test their product out,
you have to spend about 3 grand to get an 8 ip license, if you go that
route, I recommend putting 1 or 2 "free" ip's in the mix, ones that you can
easily put multiple systems on for testing. If you want to know more about
the product and the experiences I have had with it, contact me off list.

William L. Bell II
Manager of Security Operations
CWIE Security Dept.
Email: williamb () cwie net
Tel: 480-449-7750 ext 117


-----Original Message-----
From: Erin Carroll [mailto:amoeba () amoebazone com] 
Sent: Thursday, August 10, 2006 8:37 PM
To: suttonp () aafes com; pen-test () securityfocus com
Subject: RE: New Tools

Or to reword this in a more focused way specific to the pen-test list: What
commercial tools have you had success with or are partial too? :)

I'm also in the process of working on tools to budget for next year at the
day job so any insight from list members would be appreciated.

-----Original Message-----
From: suttonp () aafes com [mailto:suttonp () aafes com] 
Sent: Thursday, August 10, 2006 7:13 PM
To: pen-test () securityfocus com
Subject: New Tools

OK people, the checkbook is open for 2007 and I have been 
asked for a want list.... any suggestions. Need answer by COB 
Friday. Alt. email pjsutton () urnet net

--------------------------------------------------------------
----------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win 
the Analyst's Choice Award from eWeek. As attacks through web 
applications continue to rise, you need to proactively 
protect your applications from hackers. Cenzic has the most 
comprehensive solutions to meet your application security 
penetration testing and vulnerability management needs. You 
have an option to go with a managed service (Cenzic 
ClickToSecure) or an enterprise software (Cenzic Hailstorm). 
Download FREE whitepaper on how a managed service can help 
you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to 
confirm your results from other product. Contact us at 
request () cenzic com for details.
--------------------------------------------------------------
----------------


--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.405 / Virus Database: 268.10.8/415 - Release 
Date: 8/9/2006


-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.405 / Virus Database: 268.10.8/415 - Release Date: 8/9/2006
 


----------------------------------------------------------------------------
--
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's 
Choice Award from eWeek. As attacks through web applications continue to
rise, 
you need to proactively protect your applications from hackers. Cenzic has
the 
most comprehensive solutions to meet your application security penetration 
testing and vulnerability management needs. You have an option to go with a 
managed service (Cenzic ClickToSecure) or an enterprise software 
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can 
help you: http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request () cenzic com for details.
----------------------------------------------------------------------------
--

Attachment: smime.p7s
Description:

Current thread:

New Tools suttonp (Aug 10)
- RE: New Tools Erin Carroll (Aug 10)
  - Re: New Tools Tech Sy (Aug 11)
  - RE: New Tools Sol Invictus (Aug 11)
  - Re: New Tools s-williams (Aug 11)
    - Re: New Tools Mohammad Wajahat Usmani (Aug 11)
- Re: New Tools Tim (Aug 11)
- <Possible follow-ups>
- RE: New Tools William Bell (Aug 11)