Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Penetration Testing or Vulnerability Scanning?
From: Rizwan Ali Khan <rizwanalikhan74 () yahoo com>
Date: Sun, 2 Mar 2003 01:08:26 -0800 (PST)

When usually we talk about penetration testing tools, people mosly refer to Vulnerability Scanners like iss, typhon, 
nessus, cybercop etc.

However penetration testing tools are those who penetrate as well, the above scanners do not do that.

One needs to have a working version of SSH exploit for the SSH vulnerability detected by the vulnerability scanner, so 
is it necessary for penetration tester to have access to the latest of underground exploit? or could all this be done 
in an ethical manner too?

please guide I am so confused between two of these methodologies.

Do you Yahoo!?
Yahoo! Tax Center - forms, calculators, tips, and more

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]