?
Solved

Testing tool needed for trial

Posted on 2003-02-26
5
Medium Priority
?
272 Views
Last Modified: 2010-04-12
I want to evaluate a testing tool which will generate test scripts and test the system based on the functions,stored procedures,User Interface,database,web server,security issues.PLease suggest some softwares which are flexible and easy to use.
0
Comment
Question by:amitjk
  • 2
3 Comments
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 8026840
This is a very complex task. No tool that's flexible enough will be easy to use.

Further, there is no one tool that does all of this. Some things to look at, however, are:

Cenzic's Hailstorm (www.cenzic.com), which tests over-the-network data.

Sanctum's AppScan (www.sanctuminc.com), which tests web applications.

Nessus (www.nessus.org), which does general network-centric system testing.

NGSSoftware (www.nextgenss.com), which has various database-testing tools
0
 

Author Comment

by:amitjk
ID: 8031476
Thanks for the help. I am looking for a open source tool for these categories.
0
 
LVL 14

Accepted Solution

by:
chris_calabrese earned 80 total points
ID: 8034267
Nessus is your best starting point, then. It does at least part of what the other things do and is easily extensible.

Some other open-source and/or free tools are:
o  Wisker CGI-scanner (www.wiretrip.net/rfp)
o  OWASP WebScarab (www.owasp.org/webscarab)
o  SPIKE fuzzer creation kit (www.atstake.com/research/tools/vulnerability_scanning/)

The SANS Reading Room (www.sans.org/rr/) also has lots and lots of information has papers on application and database security lockdown/testing. Check out the Application & Database Security and Auditing & Assessment areas.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One of the biggest threats facing all high-value targets are APT's.  These threats include sophisticated tactics that "often starts with mapping human organization and collecting intelligence on employees, who are nowadays a weaker link than network…
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Integration Management Part 2
As many of you are aware about Scanpst.exe utility which is owned by Microsoft itself to repair inaccessible or damaged PST files, but the question is do you really think Scanpst.exe is capable to repair all sorts of PST related corruption issues?
Suggested Courses

612 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question