NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Immunitysec Daily Dave> 2004-q3

RE: [Dailydave] RE: Network Exploitation Tools aka ExploitationEngines

From: Clement Dupuis (cdupuiscccure.org)
Date: Sat Sep 04 2004 - 19:52:10 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

CANVAS is completely programmed in Python.

You can no only look at the exploit but also the interface :-)

As I have said in the past, core impact has more beautifying, more wrapping,
and more people behind it supporting it but at the price that CANVAS is
sold, you can definitively afford CANVAS and it does a great job.

There were some stability issues with the earlier version of CANVAS but
overall I have found that it was a great tool for what it is intended:
PENTEST

Core Impact has more features wrapped but you pay for these features such
has having NMAP integrated etc... etc... One of the beef I had with core
impact was the fact that it was tied to specific version of WinPcap and you
were out of luck at time if you were running the latest version of NMAP with
the latest version of Winpcap.

Ask both vendors for a demo. See for yourself, try it yourself, that's
probably the best way to find out which one better fill your needs.

Clement

> -----Original Message-----
> From: dailydave-bounceslists.immunitysec.com [mailto:dailydave-
> bounceslists.immunitysec.com] On Behalf Of Kurt Seifried
> Sent: Saturday, September 04, 2004 7:55 PM
> To: Clarke, Tyronne (Contractor); pen-testsecurityfocus.com;
> dailydavelists.immunitysec.com
> Cc: focus-mssecurityfocus.com
> Subject: Re: [Dailydave] RE: Network Exploitation Tools aka
> ExploitationEngines
>
> >Based upon experienced findings during live testing, which product
> provides
> >you with most clarity of comprehensive information( CANVAS or CORE
> >Impact? ). You >mentioned CANVAS allows you to look under the hood and
> >analyze the exploits but what about CORE Impact.
>
>
> Core impact uses Python for the exploits, so you can look under the hood
> quite easily so to speak.
>
>
> Kurt Seifried, kurtseifried.org
> A15B BEE5 B391 B9AD B0EF
> AEB0 AD63 0B4E AD56 E574
> http://seifried.org/security/
>
>
> _______________________________________________
> Dailydave mailing list
> Dailydavelists.immunitysec.com
> http://www.immunitysec.com/mailman/listinfo/dailydave

_______________________________________________
Dailydave mailing list
Dailydavelists.immunitysec.com
http://www.immunitysec.com/mailman/listinfo/dailydave

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]