From: FocusHacks (focushacks@gmail.com)
Date: Sat Jan 28 2006 - 02:15:59 EST
I had a demo account with Edgeos.com. Not bad stuff, actually worked
pretty well. Imagine a web based user-friendly nessus front end with
a lot of customizations and some extra reporting options. It was
slick, possibly slick enough to subscribe to if you really want a
periodic check from the outside. I'd recommend it to the right kind
of person, but it's not for everyone. They also have "branding"
ability so that you can re-sell their services if you wish. That'd be
more for you startup security company types, or computer/network
consultants that want to add a little net-sec to their menu, I
suppose.
Samspade.org has always been a mainstay for me. They offer online
web-based tools. If I have access to a Windows laptop, their windows
based tool offers a lot of stuff in a small package that can cut down
the time it takes to do certain pre-vuln-scanning stuff.
Church Of The Swimming Elephant (www.cotse.com) also had some cool
online stuff at one time. I haven't been there in ages. They may
have added or removed stuff since I've been there last. I just did a
quick check to make sure it was still the same site (not a squatter or
something) and nothing more.
Cheers and best of luck!
--Noah
> On 1/25/06, Alvin Oga <alvin.sec@mail.linux-consulting.com> wrote:
> >
> > hi ya
> >
> > On Tue, 24 Jan 2006, Ivan . wrote:
> >
> > > A good online traceroute
> > >
> > > http://networking.ringofsaturn.com/Tools/traceroute.php
> >
> > how does traceroute help you with pen-test??
> > other than it telling you on the inside, how you got to the
> > outside
> >
> > > > Here is my personal favorite list of on-line pen test tools:
> > > > http://www.xs4all.nl/~kazil/testfiles/index.htm
> > > >
> > > > The idea is that you can sit at a customer's terminal and by just "clicking
> > > > around"
> > > > you can perform a quick assessment of the perimeter security and content
> > > > scanning.
> >
> > do an "online update" and see how long ago since they'd maintained their
> > boxes with "FREE" updates
> >
> > > > You don't need to install or run anything. Everyting runs from external
> > > > (public) websites.
> >
> > always a good way to do things
> >
> > > > Do you have some of your own favorites to add to this list?
> >
> > too many to list, but to list in one line:
> > http://Linux-Sec.net
> >
> > - find your favorite sites with:
> > - these online scanners/tests are from outside public sites
> > and intended to see how secure your client box is that you're
> > sitting on and clicking away
> >
> > - online port scanners
> > - online nessus scanners
> > - online dns scanners
> > - online apache scanners
> > - online firewall testers
> > - online open relay tests
> > - online virus scanners of incoming virus
> > ... on-n-on ...
> >
> > c ya
> > alvin
> >
> >
> > ------------------------------------------------------------------------------
> > Audit your website security with Acunetix Web Vulnerability Scanner:
> >
> > Hackers are concentrating their efforts on attacking applications on your
> > website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> > login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
> > futile against web application hacking. Check your website for vulnerabilities
> > to SQL injection, Cross site scripting and other web attacks before hackers do!
> > Download Trial at:
> >
> > http://www.securityfocus.com/sponsor/pen-test_050831
> > -------------------------------------------------------------------------------
> >
> >
>
>
> --
> http://www.FocusHacks.com - The Ford Focus Modification Site!
>
-- http://www.FocusHacks.com - The Ford Focus Modification Site! ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:25 EDT