[Discuss] Penetration testing

[cbwcjw at gmail.com (Chris Wallace)]

Well, since I work for "a consulting company" that seems very attractive ;)

You could try OWASP ZAP, but again that's a little raw.


On Tue, Jun 10, 2014 at 4:26 PM, scottmarydavidsam at gmail.com <
scottmarydavidsam at gmail.com> wrote:

> We need to run security / vulnerability scans against our web server and
> business application (on the same server), I'm looking for suggestion, pro
> and con on scanning tools and any concerns (legal?) around using them. The
> tools don't need to be free but should cost less than $1000.
>
> I'm open to learning to use the tools, I've tried Metasploit, NeXpose and
> Nmap but I'm not sure I have the time and the output data provided seems a
> bit raw.
>
> I'm also looking at Acunetix, they have a cloud based vulnerability
> scanner, you get three scans for $810.
>
> Any help or suggestions other than "hire a consulting company" would be
> appreciated we just don't have the budget to do that right now.
>
> Thanks,
> Scott
> _______________________________________________
> Discuss mailing list
> Discuss at blu.org
> http://lists.blu.org/mailman/listinfo/discuss
>



-- 
*Chris Wallace*
The Ohio State University | Computer Science and Engineering 2015