From: Vishal Garg (vishal@firstbase.co.uk)
Date: Thu May 10 2007 - 05:30:02 EDT
Hi,
There are some free web applications offered by Foundstone such as
Hacme Bank, Hacme Travel and few more. These are all web applications
offering different functionalities and you can try to exploit
vulnerabilities in these web applications within your test network.
Hope that helps.
Vishal
At 07:27 5/9/2007, M. Groen wrote:
>Thanks for the clear explanation.
>
>One other question, does anyone happen to know if there are sites on which
>you can try "pen testing" products, like WebInspect, or Hailstorm? I mean
>a " playground" on which it is allowed to do pen-tensting (and make
>mistakes)?
>
>Mathijs
>
> > Zack,
> >
> > First of all, it depends on what you want in a pen-test tool. Second, it
> > also depends on what you mean by pen-testing. In my opinion, unless there
> > is an actual exploit leveraged and a payload or injection of some sort,
> > you
> > are talking Vulnerability Assessment and not pen-testing. It's a semantic
> > difference to some but there is a procedural difference between
> > identifying
> > potential vulnerabilities and actively exploiting found vulnerabilities.
> >
> > The 3 tools you list are all web application-centric in their focus and
> > are
> > not what I would consider true pen-testing tools per se; they are more
> > Application layer vulnerability scanners with limited exploit payloads to
> > reduce false positive findings (XSS and SQL injection checks etc).
> > Watchfire's AppScan, Cenzic's Hailstorm, and SPI's WebInspect are all
> > great
> > tools but they do not test the full gamut of OS or services. If you are
> > focused solely on application layer assessment then any of these 3 should
> > suit your needs. I personally prefer WebInspect due to some of the extra
> > tools and functionality it provides, as well as the various customizable
> > report patterns and compliancy-directed scanning but each has it's strong
> > points.
> >
> > If you are looking for what most on the list would consider broad spectrum
> > pen-testing tools you should take a look at Core Impact or Metasploit.
> > There
> > are other pen-testing tools available but these two are probably the most
> > widely used. Core=commercial, Metasploit=OSS so if your organization needs
> > support not found in a chat room or online forum Core is the way to go.
> > I'm
> > fond of how Impact's payload is a memory-resident compromise so there is
> > no
> > actual change to the target compromised system and it can use any
> > exploited
> > box found to search out other machines it can see which is valuable in
> > moving your penetration farther into the private network.
> >
> > While automated tools are getting better and easier to use, nothing beats
> > an
> > experienced pen-testing services company. The better ones go beyond
> > automated tool runs and can offer services that include social
> > engineering,
> > custom exploit coding, and other company-specific scope needs. Depending
> > on
> > your budget you may also want to look into that avenue.
> >
> > Hope that helps and welcome to the list.
> >
> >
> > --
> > Erin Carroll
> > Moderator
> > SecurityFocus pen-test list
> > "Do Not Taunt Happy-Fun Ball"
> >
> >
> >
> >
> >> -----Original Message-----
> >> From: listbounce@securityfocus.com
> >> [mailto:listbounce@securityfocus.com] On Behalf Of
> >> zackpeters75@yahoo.com
> >> Sent: Monday, May 07, 2007 8:58 PM
> >> To: pen-test@securityfocus.com
> >> Subject: Opinions of automated testers
> >>
> >> Hi,
> >>
> >> My manager gave me our pen testing project and I'm still
> >> coming up to speed so forgive me if this question is not 100%
> >> list appropriate.
> >>
> >> >From what I can tell the top 3 automated pen testing
> >> programs are from SPI Dynamics, Cenzic and Watchfire. I
> >> haven't evaled any of them quite yet but they each seem to
> >> have their advantages and disadvantages. Cenzic is claiming
> >> to be the most accurate at least according to their 20/20
> >> marketing program
> >> http://www.cenzic.com/forms/ec.php?pubid=10076 but I'm
> >> wondering what people have actually seen.
> >>
> >> And if any of you posters from SPI, Cenzic or Watchfire want
> >> to email me directly and tell me your benefits, that's fine.
> >> I don't want the thread to be a sales pitch, just looking to
> >> benefit from the knowledge of others.
> >>
> >> Thanks everyone!
> >>
> >> Zack
> >>
> >> --------------------------------------------------------------
> >> ----------
> >> This List Sponsored by: Cenzic
> >>
> >> Are you using SPI, Watchfire or WhiteHat?
> >> Consider getting clear vision with Cenzic See HOW Now with
> >> our 20/20 program!
> >>
> >> http://www.cenzic.com/c/2020
> >> --------------------------------------------------------------
> >> ----------
> >>
> >
> >
> > ------------------------------------------------------------------------
> > This List Sponsored by: Cenzic
> >
> > Are you using SPI, Watchfire or WhiteHat?
> > Consider getting clear vision with Cenzic
> > See HOW Now with our 20/20 program!
> >
> > http://www.cenzic.com/c/2020
> > ------------------------------------------------------------------------
> >
> >
>
>
>
>------------------------------------------------------------------------
>This List Sponsored by: Cenzic
>
>Are you using SPI, Watchfire or WhiteHat?
>Consider getting clear vision with Cenzic
>See HOW Now with our 20/20 program!
>
>http://www.cenzic.com/c/2020
>------------------------------------------------------------------------
***************************************************************
Vishal Garg MSc CISSP
Penetration Tester
First Base Technologies
Tel: +44 (0)1273 454525
www.fbtechies.co.uk
www.white-hats.co.uk
****************************************************************
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:47 EDT