Blog Posts Tagged with "Scanners"
September 05, 2012 Added by:Fergal Glynn
When dynamic scanning engines were first designed they were primarily tools for penetration testers to use on a few select web applications deemed critical enough to warrant serious testing. But times have changed, every Internet facing application is now a potential attack surface...
July 30, 2012 Added by:Dale Rapp
Vistumbler is an excellent free tool that scans for nearby wireless networks within range of your wi-fi adapter. Once Vistumbler finds a wireless network it will display the networks SSID, signal strength, encryption being used, mac address, the networks channel, access point manufacturer, and much more...
July 25, 2012 Added by:Fergal Glynn
Dynamic Application Security Testing (DAST) tool vendors demonstrate their tools by allowing prospects to scan test sites so they can see how the scanner works and the reports generated. We should not gage the effectiveness of a scanner by only looking at the results from scanning these public test sites...
July 16, 2012 Added by:Shay Chen
There hasn't been any independent methodology for evaluating web application vulnerability scanners in a while. The following is a comprehensive guide for choosing the best scanner based on conclusions from the 2012 benchmark study - a comparison of 10 crucial aspects of 60 web application vulnerability scanners...
June 25, 2012 Added by:Ian Tibble
“Run a scanner by it” still appears in so many articles – it's still very much part of the furniture. Software suites are built on the use of automated unauthenticated scanning – in some cases taking an open source scanning engine, wrapping a nice GUI around it, and slapping a 25K USD price tag on it...
April 09, 2012 Added by:Headlines
"The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications... ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually..."
March 26, 2012 Added by:Infosec Island Admin
What is worrying is that the scanner online at amihackerproof.com has no restrictions on it as to who it may scan, just put in an IP or domain name and click to hit some systems using this site. That’s right Mark Zuckerberg, you now can see if facebook.com is easily pwn-able...
March 26, 2012 Added by:Ian Tibble
For all intents and purposes, penetration testing had become such a low quality affair that clients stopped paying for it unless they were driven by regulations to perform periodic tests of their perimeter "by an independent third party"...
March 06, 2012 Added by:Ian Tibble
Operating System Security is radically under-appreciated, and this has been the case since the big bang of security practices in the mid-90s. OS security, along with application security, is the front line in the battle against hackers, but this has not been widely realized...
February 09, 2012 Added by:Dan Dieterle
Looking for a program that monitors internet use, allows granular control over sites and services they can access, coupled with comprehensive web security and threat detection that includes scanning with three Anti-Virus engines? Look no further...
February 03, 2012 Added by:Brent Huston
If you find those strings, they usually indicate other PHP scanners, worms or attack tools have compromised the system. Now, if you don’t find those, it does NOT mean the system is safe, the list of all of those relevant strings would be too large and dynamic to manage...
February 01, 2012 Added by:Dan Dieterle
A vulnerability scanner is a tool that can automatically scan your network and the systems connected to it, examining each one for vulnerabilities that could be exploited. Malicious users frequently use scanners to hunt for ways to compromise your systems...
January 22, 2012 Added by:Bob Radvanovsky
Wile I am certain that the majority of this membership knows what Shodan is, honestly, it represents slightly more than an automated port scanner reporting back on some of the more common open ports (HTTP, SNMP, telnet) that appear to be pingable throughout the Internet...
January 20, 2012 Added by:Security Ninja
I developed and would like to introduce the Windows Phone App Analyzer, The Windows Phone App Analyser is similar to the static analysis tab in Agnitio. If you browse to any C# .cs files and click scan you will see the keyword highlighting that you might be familiar with from Agnitio...
January 10, 2012 Added by:Drayton Graham
Simply put, a Vulnerability Assessment is a piece of code that will identify and report on known vulnerabilities, but a scanner will likely run into false positives. A Penetration Test goes a step further in that a human exploits vulnerabilities, but false positives do not exist...
January 09, 2012 Added by:Fergal Glynn
Just before the holidays, we detected a cross-site scripting (XSS) vulnerability while running a web application scan for one of our customers. As it turned out, the discussion forum where we found the XSS was a SaaS-based product called Lithium...
Hacker to Release Symantec's PCAnywhere Sour... Jerry Shaw on 10-05-2015
PoS Malware Kits Rose in Underground in 2014... on 03-17-2015
New PCI Compliance Study... on 03-17-2015