Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Trend towards cheaper pen-test suites

From: "Andre Gironda" <andreg () gmail com>
Date: Tue, 5 Aug 2008 11:53:17 -0700
Has anyone noticed a recent trend towards cheaper pen-test suites?

E.g. SAINTexploit and CORE Impact Essential
http://www.saintcorporation.com/products/penetration_testing/saint_exploit.html
http://www.corest.com/content/core-impact-essential-overview

Has anyone used these or do you plan on using them?

I did a little statistics on the CVE's of the now 4 major exploitation
suites (Impact, SaintExploit, Canvas, and Metasploit) and it appears
that over 60% of the exploits are unique to one suite.  This means
that there is only 40% overlap.

It also appears that Canvas has the most unique exploits, followed by
SaintExploit then Metasploit.  About 80% of Impact's exploits are
featured in the other suites.

Cheers,
Andre

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in 
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: