RE: Vulnerability scanner for SQL injection, HTML injection- free or commercial ?
From: Oscar Kooijman (oscar.kooijman_at_chello.nl)
Date: 09/24/03
- Previous message: A.Koot_at_Unive.NL: "Blocking and allowing ActiveX"
- In reply to: Erik Anderson: "RE: Vulnerability scanner for SQL injection, HTML injection- free or commercial ?"
- Next in thread: Aditya: "RE: Vulnerability scanner for SQL injection, HTML injection- free or commercial ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <focus-ms@securityfocus.com> Date: Wed, 24 Sep 2003 12:57:12 +0200
Hi,
Try Retina www.eeye.com or shadow security scanner www.safety-labs.com
Oscar Kooijman
Secure-IT
oscar[DOT]kooijman[AT]chello[DOT]nl
-----Original Message-----
From: Erik Anderson [mailto:eanders@midco.net]
Sent: 23 September 2003 20:03
To: Harbar, Spencer; Milind Nanal; focus-ms@securityfocus.com
Subject: RE: Vulnerability scanner for SQL injection, HTML injection-
free or commercial ?
If you have a Linux system try Nessus. It is the best open source/free
Vulnerability Scanner out there.
Erik
> -----Original Message-----
> From: Harbar, Spencer [mailto:spencer.harbar@dns.co.uk]
> Sent: Tuesday, September 23, 2003 10:17 AM
> To: Milind Nanal; focus-ms@securityfocus.com
> Subject: RE: Vulnerability scanner for SQL injection, HTML injection-
> free or commercial ?
>
>
>
> Check out ScanDo from www.kavado.com, WebInspect from
> www.spidynamics.com and AppScan from www.sanctum.com
>
> hth
> Spence
>
>
> -----Original Message-----
> From: Milind Nanal [mailto:milindyn@rolta.com]
> Sent: 19 September 2003 06:31
> To: focus-ms@securityfocus.com
> Subject: Vulnerability scanner for SQL injection, HTML injection- free
> or commercial ?
>
> Hi,
>
> Can anyone please tell me information about any vulnerability scanner
> (free or trial version of commercial scanner) which can scan SQL
> injection , HTML injection of IIS web server running with MS sql 2000
> as a backend database.
>
> I get many document on the internet which tell me few default
> techniques of SQL injection & trying out those to carry out SQL
> injection test. I am looking out for ready made scanner which has a
> set of inbuilt commands to carry out SQL , HTML injection attack &
> give a report , recommendations to solve the problem.
>
> Quick response is appreciated
>
> Regards,
>
> Milind
>
> ----------------------------------------------------------------------
> --
> ---
>
------------------------------------------------------------------------
> ---
>
>
>
>
>
> ------------------------------------------------------------------
> ---------------------------
> This e-mail was checked and validated by the dns email content
> management service.
>
> For information on how to improve email management for your
> organisation, please contact sales@dns.co.uk
> ------------------------------------------------------------------
> ---------------------------
>
>
>
>
>
> ------------------------------------------------------------------
> ---------
> ------------------------------------------------------------------
> ---------
>
>
>
------------------------------------------------------------------------
--- ------------------------------------------------------------------------ ---
- application/x-pkcs7-signature attachment: smime.p7s
- Previous message: A.Koot_at_Unive.NL: "Blocking and allowing ActiveX"
- In reply to: Erik Anderson: "RE: Vulnerability scanner for SQL injection, HTML injection- free or commercial ?"
- Next in thread: Aditya: "RE: Vulnerability scanner for SQL injection, HTML injection- free or commercial ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
