Solved

Black Box penetration testing software

Posted on 2014-04-24
7
425 Views
Last Modified: 2014-04-24
I need a good penetration testing software for our web servers. Preferably one that is inexpensive.  Most I have been able to find are nearly $10,000 or more. That cost would be prohibitive.
0
Comment
Question by:jimmylew52
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 34

Expert Comment

by:Dan Craciun
ID: 40020561
It's usually cheaper to hire a company specialized in security testing/audit.

HTH,
Dan
0
 
LVL 1

Author Comment

by:jimmylew52
ID: 40020594
Any suggestions on a company? The ones I have talked to want  $10,000 plus to perform a scan and want to set up to repetitively scan. We need quarterly scans and third party is not required.
0
 
LVL 5

Accepted Solution

by:
Pasha Kravtsov earned 334 total points
ID: 40020650
Have you tried metasploit or acunitex? I don't think they're that expensive.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 166 total points
ID: 40020679
The problem isn't the software. 99% of website pentesting software out there is free or at least has a free trial version.

The problem is gaining the skills to use it - if you want software you can just point at a site and get the same class of answer you would get from an experienced pentester, you are in for a very long wait; even the best and most expensive software needs to be configured to perform the appropriate fuzzing and SQLi attacks.
0
 
LVL 5

Assisted Solution

by:Pasha Kravtsov
Pasha Kravtsov earned 334 total points
ID: 40020689
I agree with Dave, if you want a truly accurate pentest on your website/network you're going to want to hire a firm that specializes in it. Some tools and automation can miss things only an experienced tester can see.
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 40020718
Or if you are on a budget but have the time - learn those skills. Everything you need is on the internet for free, you just have to be willing to put in the hours to learn it.
0
 
LVL 1

Author Closing Comment

by:jimmylew52
ID: 40021041
Thanks, it looks like acunetix is going to be the solution for us.
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Suggested Solutions

Phishing is at the top of most security top 10 efforts you should be pursuing in 2016 and beyond. If you don't have phishing incorporated into your Security Awareness Program yet, now is the time. Phishers, and the scams they use, are only going to …
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
The purpose of this video is to demonstrate how to set up the WordPress backend so that each page automatically generates a Mailchimp signup form in the sidebar. This will be demonstrated using a Windows 8 PC. Tools Used are Photoshop, Awesome…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now