|
|
Penetration Testing
Nmap Sep 30 2011 09:17PM Ukpong (ukpong ukpong gmail com) (3 replies) Re: Nmap Oct 02 2011 02:37AM Jeffory Atkinson (jatkinson zelvin com) (1 replies) Re: Nmap Oct 02 2011 09:35PM John M. Martinelli (john martinelli redlevel org) (2 replies) Opinions on Burp Suite Web App Scanner Oct 12 2011 03:31PM Derrenbacker, L. Jonathan (JDerrenbacker KSHGS com) (5 replies) RE: Opinions on Burp Suite Web App Scanner Oct 12 2011 04:41PM Ben de Bont (bendebont gmail com) (1 replies) |
|
Privacy Statement |
Webscarab was my #1 but after using Burp I had to hand over the #1
title to Burp Suite. Many 'on-the-fly' options for testing makes it a
pentesters best friend. You can also refer to this article if you want
more information about different scanners and their accuracy:
http://ha.ckers.org/blog/20100203/accuracy-and-time-costs-of-web-applica
tion-security-scanner-report/
Regards,
Meenal Mukadam
On Wed, Oct 12, 2011 at 10:41 AM, Ben de Bont <bendebont (at) gmail (dot) com [email concealed]> wrote:
>
> BurpSuite is my pen-test teams tool of choice. The spider and scanner are
> great, and it has a lot of other functionality that is very useful. It is
> also cheap - get it.
>
> - Ben de Bont
>
> -----Original Message-----
> From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] On
> Behalf Of Derrenbacker, L. Jonathan
> Sent: Wednesday, October 12, 2011 8:31 AM
> To: pen-test (at) securityfocus (dot) com [email concealed]
> Subject: Opinions on Burp Suite Web App Scanner
>
> I have budget for a web app vulnerability scanner, and I was wondering if
> anyone has opinions on the professional version Burp Suite with the scanner
> option.
> Is the scanner any good? Accurate?
>
> This is the website if anyone doesn't know what it is:
> http://portswigger.net/burp/scanner.html
>
>
>
> Thanks,
> Jon
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually
> do a proper penetration test. IACRB CPT and CEPT certs require a full
> practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------
>
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------
>
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------
[ reply ]