Re: Vulnerability and Penetration testing software

[jgervacio () seguridad unam mx]

And....

-Tools
Security Focus Tools
http://www.securityfocus.com/tools/category/10
PacketStorm Tools
http://www.packetstormsecurity.org/UNIX/penetration/
VOIP Testing
http://linux-voip.net/Testing/
Insecure Top 75 Security Tools
http://www.insecure.org/tools.html
Whax Pentest List
http://portsonline.net/whaxlist.html
Security Forests ToolTree
http://securityforest.com/wiki/index.php/Category:ToolTree
Windows Security Tests
http://www.windowsecurity.com/securitytests/
Pen-testing Tools for the Pocket PC
http://www.irongeek.com/i.php?page=security/ppchack

-Methodology
OISSG - ISSAF
http://oissg.org/
Guideline on Network Security Testing NIST
http://csrc.nist.gov/publications/nistpubs/800-42/NIST-SP800-42.pdf
IEEE Standard for Software Test
http://lisa.uni-mb.si/~bregar/Vaje/IEEE-STD-829-1998.pdf

-Docs
Penetration Testing SANS
http://www.sans.org/rr/whitepapers/testing/
An Overview of Network Security Analysis and Penetration Testing
http://www.windowsecurity.com/whitepaper/auditing/An_Overview_of_Network_Security_Analysis_and_Penetration_Testing.html
Demonstrating ROI for Penetration Testing
http://www.securityfocus.com/infocus/1715

-Books
Penetration Tester's Open Source Toolkit
http://www.syngress.com/catalog/?pid=3330
InfoSec Career Hacking: Sell Your Skillz, Not Your Soul
http://www.bookpool.com/sm/1597490113
Penetration Testing and Network Defense
http://www.bookpool.com/ss?qs=Penetration+testing+and+network+defense&x=0&y=0
Google Hacking for Penetration Testers
http://www.bookpool.com/ss?qs=Google+Hacking&x=0&y=0
Hack I.T. -- Security Through Penetration Testing
http://www.bookpool.com/sm/0201719568

g3

Quoting Sherita <sherita_m () hotmail com>:

> Hi
>
> I would like to get some feedback from those who have had lots of security
> experience about the best security vulnerability and penetration testing
> products or software out there.
>
> Thanks
> Sherita
>
> ------------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
> Choice Award from eWeek. As attacks through web applications continue 
> to rise,
> you need to proactively protect your applications from hackers. 
> Cenzic has the
> most comprehensive solutions to meet your application security penetration
> testing and vulnerability management needs. You have an option to go with a
> managed service (Cenzic ClickToSecure) or an enterprise software
> (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
> help you: http://www.cenzic.com/news_events/wpappsec.php
> And, now for a limited time we can do a FREE audit for you to confirm your
> results from other product. Contact us at request () cenzic com for details.
> ------------------------------------------------------------------------------



------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's 
Choice Award from eWeek. As attacks through web applications continue to rise, 
you need to proactively protect your applications from hackers. Cenzic has the 
most comprehensive solutions to meet your application security penetration 
testing and vulnerability management needs. You have an option to go with a 
managed service (Cenzic ClickToSecure) or an enterprise software 
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can 
help you: http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------