reports, what are they? Managers, I have seen them on TV. On 26/09/05, Exibar <[EMAIL PROTECTED]> wrote: > > >----- Original Message ----- > >From: "c0ntex" <[EMAIL PROTECTED]> > >To: "Josh Perrymon" <[EMAIL PROTECTED]>; > <[email protected]> > >Sent: Monday, September 26, 2005 3:36 PM > >Subject: Re: [Full-disclosure] CORE-Impact license bypass > > > > >CORE is a good product for what it does. Just as NMAP is and just like > >Nessus is, though relying on them is probably not a good idea for an > >audit. I rather do all pentesting by hand, nothing can compete against > >that and I can't think of a time where I have ever used either Nessus > >or CORE in an audit. > > > >Never used CANVAS. I don't care for Automated exploit tools but > >someone had CORE and I fancied a play as the CORE team are a pretty > >interesting bunch of guys. > > > I fancied a play once too... but she slapped me when I started to play with > her in the hallway :-) > > anyway.... Wouldn't you want to run Nessus on a network you're conducting > a pentest on to get a general overview of what vulnerabilities it finds? > Sure beats guessing or hoping that server-suchandsuch isn't patched. > > As far as automated tools go, bah, manually exploiting the holes is > certainly the way to go. But, the automated tools usually produce nice > pretty reports that you can show the client. They just LOOOOOVVVVVEEEEEE > pretty reports with many bright colors and such for the good stuff and dark > "hacker like" colors for the bad stuff :-) > > Exibar > > >
-- regards c0ntex _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
