| Subject: | Re: Database pen-testing tools |
|---|---|
| From: | "Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]" <sbradcpa@pacbell.net> |
| Date: | Fri, 18 May 2007 15:52:15 -0700 |
| Cc: | pen-test@securityfocus.com |
| Delivered-to: | sp-com-lists@consult.net |
| Delivered-to: | pentest-list2@consult.net |
| Delivered-to: | mailing list pen-test@securityfocus.com |
| Delivered-to: | moderator for pen-test@securityfocus.com |
| Domainkey-signature: | a=rsa-sha1; q=dns; c=nofws; s=s1024; d=pacbell.net; h=Received:X-YMail-OSG:Message-ID:Date:From:User-Agent:MIME-Version:CC:Subject:References:In-Reply-To:Content-Type:Content-Transfer-Encoding; b=Y1Xsc0YPCXrbv8sEVmWsIH3vDGYtLMBzBnCIjkXH6oBTCicCIlr1aVNsVK24SpPRhvfuPcGNGIwPLlKcFahla8qgQ2GNwteJPKrBx6tgxAUYBMiWXukZ6dTxIGZv0Y0bqboGXAO4bZDZQJkSmtR9Us23H3ZJsF6pXXaNhC95JbU= ; |
| In-reply-to: | <0B5A57DAD1B54958B45EE4DAC9C8074D@MoFo> |
| List-help: | <mailto:pen-test-help@securityfocus.com> |
| List-id: | <pen-test.list-id.securityfocus.com> |
| List-post: | <mailto:pen-test@securityfocus.com> |
| List-subscribe: | <mailto:pen-test-subscribe@securityfocus.com> |
| List-unsubscribe: | <mailto:pen-test-unsubscribe@securityfocus.com> |
| Mailing-list: | contact pen-test-help@securityfocus.com; run by ezmlm |
| References: | <8604406.1179517974712.JavaMail.root@m35> <0B5A57DAD1B54958B45EE4DAC9C8074D@MoFo> |
| Resent-date: | Fri, 18 May 2007 16:51:43 -0600 (MDT) |
| Resent-from: | pen-test-return-1078484190@securityfocus.com |
| Resent-message-id: | <20070518225143.49A8A238062@outgoing3.securityfocus.com> |
| Resent-sender: | listbounce@securityfocus.com |
| Sender: | listbounce@securityfocus.com |
| User-agent: | Thunderbird 1.5.0.10 (Windows/20070221) |
Congrats on the new job. Thor (Hammer of God) wrote: As leaders in database vulnerability research, NGS Software has some excellent audit and assessment tools available for database installations. You can check them out at:www.ngssoftware.comWord on the street is that some dude named "Tim Mullen" or some such just started working with them, and he seems to be a nice enough guy, so I'll go out on a limb and recommend NGS as well ;)t ----- Original Message ----- From: "Erin Carroll" <amoeba@amoebazone.com> To: <pen-test@securityfocus.com> Sent: Friday, May 18, 2007 12:22 PM Subject: Database pen-testing toolsList members, Does anyone have some suggestions or experience with database-specific pen-testing tools that you would recommend? I am by no stretch of the imagination a DBA (I run at the first sign of the words "RelationalDatabase") so tools that don't require a large amount of DBA-ish backgroundto use to their full potential would be of particular interest. The database testing market seems to be growing rapidly now and somerecommendations of tools to look at would be useful. I've played around withNGSSquirrel, AppSec, have experience with some Oracle-specific tools of course...and ran into a new player in the market (Securno) at InfoSecEurope. Just wondering what other players are out there that are effectiveor you've played with. -- Erin Carroll Moderator SecurityFocus pen-test list "Do Not Taunt Happy-Fun Ball" ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------ ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------ |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: Format String Vulnerabilities, rajat swarup |
|---|---|
| Next by Date: | Re: Legality of WEP Cracking, Carl Livitt |
| Previous by Thread: | Re: Database pen-testing tools, Thor (Hammer of God) |
| Next by Thread: | Consulting License Offer, Foster, Matt |
| Indexes: | [Date] [Thread] [Top] [All Lists] |