Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Black Box penetration testing software

Posted on 2014-04-24
7
Medium Priority
?
450 Views
Last Modified: 2014-04-24
I need a good penetration testing software for our web servers. Preferably one that is inexpensive.  Most I have been able to find are nearly $10,000 or more. That cost would be prohibitive.
0
Comment
Question by:jimmylew52
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 35

Expert Comment

by:Dan Craciun
ID: 40020561
It's usually cheaper to hire a company specialized in security testing/audit.

HTH,
Dan
0
 
LVL 1

Author Comment

by:jimmylew52
ID: 40020594
Any suggestions on a company? The ones I have talked to want  $10,000 plus to perform a scan and want to set up to repetitively scan. We need quarterly scans and third party is not required.
0
 
LVL 5

Accepted Solution

by:
Pasha Kravtsov earned 1336 total points
ID: 40020650
Have you tried metasploit or acunitex? I don't think they're that expensive.
0
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

 
LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 664 total points
ID: 40020679
The problem isn't the software. 99% of website pentesting software out there is free or at least has a free trial version.

The problem is gaining the skills to use it - if you want software you can just point at a site and get the same class of answer you would get from an experienced pentester, you are in for a very long wait; even the best and most expensive software needs to be configured to perform the appropriate fuzzing and SQLi attacks.
0
 
LVL 5

Assisted Solution

by:Pasha Kravtsov
Pasha Kravtsov earned 1336 total points
ID: 40020689
I agree with Dave, if you want a truly accurate pentest on your website/network you're going to want to hire a firm that specializes in it. Some tools and automation can miss things only an experienced tester can see.
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 40020718
Or if you are on a budget but have the time - learn those skills. Everything you need is on the internet for free, you just have to be willing to put in the hours to learn it.
0
 
LVL 1

Author Closing Comment

by:jimmylew52
ID: 40021041
Thanks, it looks like acunetix is going to be the solution for us.
0

Featured Post

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Experts Exchange expands question security options for members.
When you put your credit card number into a website for an online transaction, surely you know to look for signs of a secure website such as the padlock icon in the web browser or the green address bar.  This is one way to protect yourself from oth…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question