Commercial Exploit Tools



Greetings all,

I work for a DoD organization as a penetration tester. We currently
use a combination of open source tools and eEye Retina for our tests,
however some excess cash in the budget has given us the opportunity to
grab ourselves a commercial exploitation tool. Given that our
distribution of choice is Backtrack 5 the most obvious choice was
Metasploit Pro. I checked out the most recent list of exploit tools on
seclists, but as the survey is hitting the five year mark I'd expect
things have changed. A quick Google at some alternatives gave me a
list of sponsored ads that I have zero trust in so I figured I'd probe
the community here.

My question is what commercial exploitation tools do you use and
what's your opinion on them. I don't need a huge, detailed explanation
of the tool, just an opinion and the name of the tool. Thanks in
advance!

-Kent

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------



Relevant Pages

  • Re: Internal Penetration Testing
    ... an internal penetration tester my be ... If nobody is watching then an internal pen test is doubly pointless. ... Information Assurance Certification Review Board ...
    (Pen-Test)
  • Re: Verify Your Security Provider -- The truth behind manual testing.
    ... application penetration tester, amongst other things, and the crew I ... because of the problems you mention with highly automated testing. ... Do I really need a Facebook page to be a security expert? ... Information Assurance Certification Review Board ...
    (Pen-Test)
  • Re: Formal audit background for the penetration tester?
    ... if this would be a step backward or beneficial to a penetration tester or ... someone with purely technical skills in InfoSec. ... security department in industry, some there might care... ... Information Assurance Certification Review Board ...
    (Pen-Test)