Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Full Disclosure: Penetration Testing or Vulnerability Scanning?

Penetration Testing or Vulnerability Scanning?

From: Rizwan Ali Khan <rizwanalikhan74_at_yahoo.com>
Date: Sun, 2 Mar 2003 01:10:31 -0800 (PST)

When usually we talk about penetration testing tools,
people mosly
refer to Vulnerability Scanners like iss, typhon,
nessus, cybercop etc.

However penetration testing tools are those who
penetrate as well, the
above scanners do not do that.

One needs to have a working version of SSH exploit for
the SSH
vulnerability detected by the vulnerability scanner,
so is it necessary for
penetration tester to have access to the latest of
underground exploit? or
could all this be done in an ethical manner too?

please guide I am so confused between two of these
methodologies.

__________________________________________________
Do you Yahoo!?
Yahoo! Tax Center - forms, calculators, tips, more
http://taxes.yahoo.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Received on Mar 02 2003

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos