Are you looking for tools that will be run on a Unix or Windows platform?
Also, are you looking for host or network-based tools? If you are not
familiar with the terminology, host-based tools reside on the machine being
tested and allow for a much deeper local inspection while network-based
tools are run from a computer other than the one being tested and are better
for testing remote vulnerabilities. Some network-based tools have remote
agents that are installed on the system being tested so that you can test
both sides at once. As for testing your application, AppScan by Sanctum is
the only automated tool that I know of. I don't know if it works
specifically with ColdFusion,
http://www.sanctuminc.com/security/appscan/index.html.
Steve
-----Original Message-----
From: Mike Amburn [mailto:[EMAIL PROTECTED]]
Sent: Monday, June 11, 2001 10:49 AM
To: CF-Talk
Subject: OT: intrusion/penetration tools
I'm looking for any tools/utilities to test the security of my
application/server, specifically against intrusion/penetration or other
tricks (DOS, ping of death, etc).
Any suggestions?
-mike
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
