From: Anthony Paimany (kurupt3k@gmail.com)
Date: Fri Aug 27 2004 - 18:33:48 EDT
knoppix-STD or PHLAK is the best pen testing distro iv used.
On Thu, 26 Aug 2004 08:59:43 -0400, Martin <mleroux@lincsat.com> wrote:
> All
>
> Nessus is great as mentioned by Wes, which brings me to this excellent
> download tool call Knoppix which has everything you need for VA's,some, Pen
> Test utilities and network monitoring. It runs on a bootable CD or HD
> install.
>
> Cheers
>
> Martin
>
>
>
> -----Original Message-----
> From: wnorth [mailto:wnorth@verizon.net]
> Sent: Tuesday, August 24, 2004 7:49 PM
> To: 'Eric Danso'; pen-test@securityfocus.com
> Subject: RE: QualysGuard
>
> Eric,
>
> Try nessus, it's open source, has better vulnerability detection than most
> tools out there that are commercial, plus I've found that it tends to be
> more accurate when it comes to vulnerabilities, though even with a scanner
> the process of validation doesn't stop with printing the report. ;-)
>
> However, if you are looking for an all around vulnerability detection
> software for web, db etc. You should look at things like appscan, or shadow
> security scanner, etc. There are quite a few out there, to each his own is
> my stand point, what one person likes someone else hates, but it all
> requires validating the findings, typically via manual methods (e.g. testing
> an exploit via manual steps or running some public exploit).
>
> -Wes
>
> -----Original Message-----
> From: Eric Danso [mailto:edanso@myblackberry.com]
> Sent: Tuesday, August 24, 2004 8:50 AM
> To: pen-test@securityfocus.com
> Subject: QualysGuard
>
> Has anyone on this list had a chance to use this product.
>
> I'm interested in getting a Vulnerability scanner that is the defacto of the
> Industry.
>
> Any info would be great.
> Regards,
>
> Eric Danso
>
> ----------------------------------------------------------------------------
> --
> Ethical Hacking at the InfoSec Institute. All of our class sizes are
> guaranteed to be 12 students or less to facilitate one-on-one interaction
> with one of our expert instructors. Check out our Advanced Hacking course,
> learn to write exploits and attack security infrastructure. Attend a course
> taught by an expert instructor with years of in-the-field pen testing
> experience in our state of the art hacking lab. Master the skills of an
> Ethical Hacker to better assess the security of your organization.
>
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
> ----------------------------------------------------------------------------
> ---
>
> ------------------------------------------------------------------------------
> Ethical Hacking at the InfoSec Institute. All of our class sizes are
> guaranteed to be 12 students or less to facilitate one-on-one interaction
> with one of our expert instructors. Check out our Advanced Hacking course,
> learn to write exploits and attack security infrastructure. Attend a course
> taught by an expert instructor with years of in-the-field pen testing
> experience in our state of the art hacking lab. Master the skills of an
> Ethical Hacker to better assess the security of your organization.
>
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
> -------------------------------------------------------------------------------
>
>
-- Learn.Create.Master ------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:01 EDT