Penetration Testing mailing list archives
Re: database scanning tools
From: "Thor (Hammer of God)" <thor () hammerofgod com>
Date: Thu, 15 Dec 2005 11:25:25 -0800
The good money is on NGSSoftware... Dave does a *ton* of research in database technologies and is really "the guy" in regard to finding vulnerabilities. It makes really good sense to have the people finding all the vulnerabilities be the same people you get your auditing tools from. Though exploits are not made "public" until the vendor has fixed the problem (or in Oracle's case, if they *ever* fix them), NGSSoftware updates their engines immediately in order to keep their customers protected.
t ----- "I may disapprove of what you say, but I will defend to the death your right to say it."----- Original Message ----- From: "Gus Fritschie" <gfritschie () hotmail com>
To: <pen-test () securityfocus com> Sent: Thursday, December 15, 2005 7:14 AM Subject: database scanning tools
I am looking to puchase a database vulnerability scanning tool for our company. I have used the tools from NGSSoftware in the past and have been pretty happy. But I wanted to see if there were other ones that you would recommend that I take a look at.Thnaks! ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner:Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at:http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
------------------------------------------------------------------------------Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- database scanning tools Gus Fritschie (Dec 15)
- RE: database scanning tools Richard Zaluski (Dec 16)
- Re: database scanning tools Thor (Hammer of God) (Dec 16)
- Message not available
- Re: database scanning tools US Infosec (Dec 16)
- Re: database scanning tools NewYork User (Dec 16)
- enumerating nfs shares from a windows shell A. Fontes (Dec 16)
- Re: enumerating nfs shares from a windows shell A. Fontes (Dec 17)
- Re: enumerating nfs shares from a windows shell mozilla (Dec 17)
- Re: database scanning tools okrehel (Dec 17)
- Re: database scanning tools Gus Fritschie (Dec 17)
- Re: database scanning tools David Cravshaw (Dec 17)
- Re: database scanning tools Peter Wood (Dec 17)
- <Possible follow-ups>
- RE: database scanning tools Marcos Marrero (Dec 17)