Firewall Wizards mailing list archives

Re: VA vs PT tool

From: Ivan Arce <ivan.arce () corest com>
Date: Thu, 19 Jun 2003 21:30:55 -0300

I could not resist and jumped in...

ok, so i work for the company that sells CORE IMPACT but i will
try to keep this as objective as possible. However, my opinions are not
unbiased.

CORE IMPACT does exactly what you ask for, it ships with real
exploits (developed in-house, NOT a collection of publicly available

proof of concept code hacked together from mailing lists and archives), thatactually compromise systems and install agents on them by exploiting theirvulnerabilities, the user can the take advantage of the deployed agents to

elevate privileges in compromised hosts or penetrate further into the target
network, the substatial and troublesome part of any penetration test.

the infosecurity magazine review of the product is not especially good,

but most of the shortcomings pointed out in the article steem from itsnetwork mapping and os fingerprinting capabilities.That is certainly a necessary part of any PT and the product covers itlightly according to infosecmag. but the real strengths and its unique-nessare more apparent with the exploitation, attack and privilege escalation andreporting and cleanup capabilities.



-ivan

---

Ivan Arce
CTO
CORE SECURITY TECHNOLOGIES

46 Farnsworth Street
Boston, MA 02210
Ph: 617-399-6980
Fax: 617-399-6987
ivan.arce () coresecurity com
www.coresecurity.com

PGP Fingerprint: C7A8 ED85 8D7B 9ADC 6836  B25D 207B E78E 2AD1 F65A


Gregory Austin wrote:

Simon,
You may want to take a look at the latest Information Securitymagazine (June). There is an article about a product called CORE IMPACTthat purports to do what you're looking for. I personally have noexperience with the product, and it didn't get an especially good reviewfrom the magazine, but if you're interested you can find the articleon-line at:
     http://www.infosecuritymag.com/2003/jun/testcenter.shtml

Greg
However, a VA tool is limited, in that it only stops at thevulnerability.
I'm looking at a Pen Test tool that not only does the VA functionalitybut
also exploit the vulnerability thus
defining it as a real THREAT and not just a vulnerability.

Is there a widely accepted tool on the market right now ?
==============================
Greg is, among other things,  a moron.
Anything he has said above is solely his
own opinion, not that of his employer.
==============================

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards



_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

VA vs PT tool SimonChan (Jun 13)
- RE: VA vs PT tool Ben Nagy (Jun 13)
- Re: VA vs PT tool Gregory Austin (Jun 16)
  - Re: VA vs PT tool Ivan Arce (Jun 22)
- <Possible follow-ups>
- Re: VA vs PT tool Gregory Austin (Jun 15)
  - Re: VA vs PT tool Cat Okita (Jun 15)