Black Box penetration testing software

Posted on 2014-04-24
Last Modified: 2014-04-24
I need a good penetration testing software for our web servers. Preferably one that is inexpensive.  Most I have been able to find are nearly $10,000 or more. That cost would be prohibitive.
Question by:jimmylew52
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
LVL 35

Expert Comment

by:Dan Craciun
ID: 40020561
It's usually cheaper to hire a company specialized in security testing/audit.


Author Comment

ID: 40020594
Any suggestions on a company? The ones I have talked to want  $10,000 plus to perform a scan and want to set up to repetitively scan. We need quarterly scans and third party is not required.

Accepted Solution

Pasha Kravtsov earned 334 total points
ID: 40020650
Have you tried metasploit or acunitex? I don't think they're that expensive.
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 166 total points
ID: 40020679
The problem isn't the software. 99% of website pentesting software out there is free or at least has a free trial version.

The problem is gaining the skills to use it - if you want software you can just point at a site and get the same class of answer you would get from an experienced pentester, you are in for a very long wait; even the best and most expensive software needs to be configured to perform the appropriate fuzzing and SQLi attacks.

Assisted Solution

by:Pasha Kravtsov
Pasha Kravtsov earned 334 total points
ID: 40020689
I agree with Dave, if you want a truly accurate pentest on your website/network you're going to want to hire a firm that specializes in it. Some tools and automation can miss things only an experienced tester can see.
LVL 33

Expert Comment

by:Dave Howe
ID: 40020718
Or if you are on a budget but have the time - learn those skills. Everything you need is on the internet for free, you just have to be willing to put in the hours to learn it.

Author Closing Comment

ID: 40021041
Thanks, it looks like acunetix is going to be the solution for us.

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Blackberry and SMS logging 5 39
disable USB on Dell Printers 14 83
Cisco EAP TLS, ACS and changing Root CA 4 78
Wannacry 44 104
Ransomware continues to grow in reach and sophistication, putting data everywhere at risk. Learn how to avoid being caught in its sinister clutches with these 11 key tips.
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question