Penetration Testing mailing list archives

Re: out of box scanner

From: yilmaz.cankaya () uekae tubitak gov tr
Date: Tue, 1 Dec 2009 00:33:16 +0200




  Hi John 
only through personal
experience and  not to be taken as fact,  acutetix may be a good bet for
commercial use. The ones you mentioned may have problems with permutating
the parameter values for complex scenarios which is of great importance
most of the time.  Examples may be provided over private e-mailing if you
wish. In any case,  try w3af if  only testing matters. 

Regards

I'm currently evaluating some commercial

scanners and wanted to get a

feel for others experiences with

appscan/cenzic/webinspect.  Any

gotcha's with any of these

products and can anybody recommend one over

the other?

thanks,
John

------------------------------------------------------------------------

This list is sponsored by: Information Assurance Certification

Review

Board

Prove to peers and potential

employers without a doubt that you can

actually do a proper

penetration test. IACRB CPT and CEPT certs require a

full

practical examination in order to become certified.

http://www.iacertification.org

------------------------------------------------------------------------


 



------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

Current thread:

Re: out of box scanner Rob Fuller (Dec 01)
- <Possible follow-ups>
- Re: out of box scanner yilmaz . cankaya (Dec 01)
- Re: out of box scanner Nathan Grandbois (Dec 04)