Security Basics mailing list archives
RE: Pen tester
From: "Dan Denton" <ddenton () remitpro com>
Date: Thu, 27 Mar 2008 16:47:24 -0500
If you're interested in WebScarab (seems a lot like BurpSuite) you might be interested in Paros. Like WebScarab and BurpSuite, it acts like a web proxy on your local machine, and allows you to see requests and responses. One thing it has on the others is the ability to analyze the crawl/trap data and generate easy to read reports. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Kevin Ortloff Sent: Thursday, March 27, 2008 3:23 PM To: hkshimulbd () gmail com; security-basics () securityfocus com Subject: RE: Pen tester Nessus is great for a mixed environment. Good reporting, understandable and has references to other links for more info. GFI LanGaurd is great for Windows environments and can do much more than a scan, it can push updates, show installed apps, and a few other useful things. Metasploit is hard to understand, but great for deeper analysis and actually attacking a machine ( my favorite ) You can also use WebScarBar for webservers. I just downloaded/installed it but have not figured it out yet.... Seems a little advanced too, but I'm going to work on it next month sometime....It's like a packet capture ( before send ) so you can modify the gets,posts,etc before sending to the server. This would be more for attempting to XXS or SQL inj. Cool idea though. I can't wait to play. Hope this helps :) -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of hkshimulbd () gmail com Sent: Saturday, March 15, 2008 9:00 PM To: security-basics () securityfocus com Subject: Pen tester Hi all, I am working in a Telco as Assistant Manager, Information Security and we want to use commercial scanner for pen testing (port scanning, vulnerability scanning, exploit, password attack etc.). Please provide me information what are the best pen testers and why? Regards, Md. Humayun Kabir (Shimul) [CCSP,MCSE,MCDBA] This email, its contents and attachments contain information from j2 Global Communications, Inc. and/or its affiliates which may be privileged, confidential or otherwise protected from disclosure. The information is intended to be for the addressee(s) only. If you are not an addressee, any disclosure, copy, distribution, or use of the contents of this message is prohibited. If you have received this email in error please notify the sender by reply e-mail and delete the original message and any copies. j2 Global Communications. 6922 Hollywood Blvd., Hollywood, CA 90028.
Current thread:
- Pen tester hkshimulbd (Mar 17)
- Re: Pen tester Dennis Dayman (Mar 24)
- RE: Pen tester Kevin Ortloff (Mar 27)
- RE: Pen tester Dan Denton (Mar 27)
- <Possible follow-ups>
- Re: Pen tester rafiscr (Mar 17)
- Re: Pen tester Josh Haft (Mar 17)
- Re: Pen tester morin . goth (Mar 18)
- Re: Pen tester jfvanmeter (Mar 18)
- Re: Pen tester josh . betts (Mar 18)