Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: Commercial Exploit Tools
From: "sekhar" <vedantamsekhar () gmail com>
Date: Fri, 30 Sep 2011 23:00:08 +0000

Core Impact is another tool. 
It has client side exploitation as well.
They claim that it has web attack capability but in reality it is useless...

Sent from Mobile
-----Original Message-----
From: Neusbeer
Sent:  01/10/2011 1:05:04 am
To: Kent Blackwell; pen-test () securityfocus com
Subject:  Re: Commercial Exploit Tools

immunitysec's canvas is one of the best I've heard.
(to expensive for me so I only heard it, and a few vids of working with 
canvas)
metasploit is second behind them with Rapid7 neXpose and their Framework.
Nessus can be handy sometimes...

Slaintz,
  Neusbeer

Op 29-9-2011 20:42, Kent Blackwell schreef:
Greetings all,

I work for a DoD organization as a penetration tester. We currently
use a combination of open source tools and eEye Retina for our tests,
however some excess cash in the budget has given us the opportunity to
grab ourselves a commercial exploitation tool. Given that our
distribution of choice is Backtrack 5 the most obvious choice was
Metasploit Pro. I checked out the most recent list of exploit tools on
seclists, but as the survey is hitting the five year mark I'd expect
things have changed. A quick Google at some alternatives gave me a
list of sponsored ads that I have zero trust in so I figured I'd probe
the community here.

My question is what commercial exploitation tools do you use and
what's your opinion on them. I don't need a huge, detailed explanation
of the tool, just an opinion and the name of the tool. Thanks in
advance!

-Kent

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------




------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------



------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]