Full Disclosure mailing list archives
Re: Vulnerability/Penetration Testing Tools
From: greybrimstone () aim com
Date: Thu, 19 Jan 2006 13:45:17 -0500
Alright,I've made an observation. Full Disclosure is a list where emails and subjects evolve into new emails and subjects which are not directly related to the first subject or email. For example, this one has evolved into a discussion about overhead, development and other such things. Really, its quite interesting. ;[
-Adriel -----Original Message----- From: Valdis.Kletnieks () vt edu To: Madison, Marc <mmadison () fnni com> Cc: full-disclosure () lists grok org uk Sent: Wed, 18 Jan 2006 12:14:24 -0500 Subject: Re: [Full-disclosure] Vulnerability/Penetration Testing Tools On Wed, 18 Jan 2006 08:13:05 CST, "Madison, Marc" said: > H D, my apologize. My FD emails were out of order, and I took your> response out of context. If your looking for a script that will combine
> MetaSploit, and Nessus then BidiBLAH will work. Still for $10 grand I> would suggest taking a scripting class at your local college so you can
> make your own BidiBlah. > > Math: > BidiBLAH: $10,000 > College scripting class: $350 > > The knowledge you'll gain for ever, priceless.Something to keep in mind however - many people make that comparison, and
don't calculate the *TOTAL* cost.If your developer is getting paid $60K/year, the *encumbered* cost (benefits, office, etc) is close to twice that. And if he's writing an in-house BidiBLAh,
that's time he's *not* writing stuff you *can't* buy off-the-shelf. As a result, it breaks out as: BidiBLAH: $10,000 scripting clss: $350 6 man-weeks time: $15,000OK? Got that? Suddenly doesn't look like such a good deal, does it? Maybe you *should* just buy BidiBLAH, and have that guy coding that custom interface
between two in-house systems instead....(And don't say "I only pay my developer $30K, so he can take 2 man-months to do it" - the kind of developer you can keep for $30K is probably going to take
a lot more than twice as long as the $60K developer.....) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ________________________________________________________________________Check Out the new free AIM(R) Mail -- 2 GB of storage and industry-leading spam and email virus protection.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Vulnerability/Penetration Testing Tools, (continued)
- Re: Vulnerability/Penetration Testing Tools greybrimstone (Jan 17)
- Re: Vulnerability/Penetration Testing Tools greybrimstone (Jan 17)
- RE: Vulnerability/Penetration Testing Tools Madison, Marc (Jan 18)
- Re: Vulnerability/Penetration Testing Tools greybrimstone (Jan 19)
- Re: Vulnerability/Penetration Testing Tools Exibar (Jan 19)
- Re: Vulnerability/Penetration Testing Tools greybrimstone (Jan 19)
- Re: Vulnerability/Penetration Testing Tools GroundZero Security (Jan 19)
- Re: Vulnerability/Penetration Testing Tools greybrimstone (Jan 19)
- Re: Vulnerability/Penetration Testing Tools greybrimstone (Jan 19)
- Re: Vulnerability/Penetration Testing Tools Valdis . Kletnieks (Jan 18)
- Re: Vulnerability/Penetration Testing Tools greybrimstone (Jan 19)
- Re: Vulnerability/Penetration Testing Tools Dave Korn (Jan 27)
- Re[2]: Vulnerability/Penetration Testing Tools Thierry Zoller (Jan 19)
- Re: Vulnerability/Penetration Testing Tools Michael Holstein (Jan 19)
- Re: Vulnerability/Penetration Testing Tools greybrimstone (Jan 19)
- Re: Vulnerability/Penetration Testing Tools Yvan Boily (Jan 18)
- Re: Vulnerability/Penetration Testing Tools Valdis . Kletnieks (Jan 18)
- Re: Vulnerability/Penetration Testing Tools Andre Ludwig (Jan 18)
- Re: Vulnerability/Penetration Testing Tools greybrimstone (Jan 19)