Penetration Testing mailing list archives
Re: Pentesting tool - Commercial
From: Trygve Aasheim <trygve () pogostick net>
Date: Wed, 27 Feb 2008 21:38:29 +0100
And add the fuzzer for SQL and PHP, the ease of pentesting through mail either using attachments or links, the SDK to add your own modules and the toolbox Core Security has added into Impact.
Talking about the exploits themselves is so wrong when discussing these frameworks. And as Erin is pointing out, some of the exploits has a huge amount of targets...
This doesn't mean I don't like or use Metasploit, Canvas or any other...I just want to point out that the quality of a product is not based a number, and Core Impact has proven its quality many times, and in many ways.
Erin Carroll wrote:
On Tue, 26 Feb 2008, Andre Gironda wrote:Core Impact is fine, but what about the other 400 exploits packaged with CANVAS, Gleg/Argeniss, and Metasploit? I haven't even included the CANVAS sharing alliance or D2 pack statistics, which I don't really have readily available. Core Impact barely has 200 exploits all by itself.Core is currently at 463 modules with 661 exploit target entry points. But your point about other applications to look at is valid, especially Canvas. Metasploit is great when you want to play with the code guts etc but if you require spiffy reports it is not the app's forte.Just sayin' -- Erin Carroll Moderator, SecurityFocus pen-test mailing list "Do Not Taunt Happy-Fun Ball" ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- Pentesting tool - Commercial bramkie (Feb 21)
- Re: Pentesting tool - Commercial Andre Gironda (Feb 25)
- RE: Pentesting tool - Commercial Ramki B (Feb 26)
- Re: Pentesting tool - Commercial Andre Gironda (Feb 26)
- RE: Pentesting tool - Commercial Ramki B (Feb 26)
- RE: Pentesting tool - Commercial Foster, Matt (Feb 25)
- RE: Pentesting tool - Commercial Ramki B (Feb 26)
- Re: Pentesting tool - Commercial Andre Gironda (Feb 26)
- Re: Pentesting tool - Commercial Erin Carroll (Feb 27)
- Re: Pentesting tool - Commercial Trygve Aasheim (Feb 27)
- Re: Pentesting tool - Commercial Andre Gironda (Feb 27)
- Re: Pentesting tool - Commercial Trygve Aasheim (Feb 28)
- Re: Pentesting tool - Commercial Chris McNab (Feb 28)
- Re: Pentesting vs VA - was Pentesting tool - Commercial Robert E. Lee (Feb 28)
- RE: Pentesting tool - Commercial Ramki B (Feb 26)
- Re: Pentesting tool - Commercial Andre Gironda (Feb 25)
- AW: Pentesting tool - Commercial puppe (Feb 27)
- RE: Pentesting tool - Commercial Ferris, Joe (Feb 27)
- <Possible follow-ups>
- Re: Pentesting tool - Commercial Yousif (Feb 22)
- RE: Pentesting tool - Commercial Trygve Aasheim (Feb 25)
- Re: Pentesting tool - Commercial Terry Cutler (Feb 25)
- RE: Pentesting tool - Commercial Trygve Aasheim (Feb 25)