From: Clement Dupuis (cdupuis@cccure.org)
Date: Sat Sep 04 2004 - 20:52:10 EDT
CANVAS is completely programmed in Python.
You can no only look at the exploit but also the interface :-)
As I have said in the past, core impact has more beautifying, more wrapping,
and more people behind it supporting it but at the price that CANVAS is
sold, you can definitively afford CANVAS and it does a great job.
There were some stability issues with the earlier version of CANVAS but
overall I have found that it was a great tool for what it is intended:
PENTEST
Core Impact has more features wrapped but you pay for these features such
has having NMAP integrated etc... etc... One of the beef I had with core
impact was the fact that it was tied to specific version of WinPcap and you
were out of luck at time if you were running the latest version of NMAP with
the latest version of Winpcap.
Ask both vendors for a demo. See for yourself, try it yourself, that's
probably the best way to find out which one better fill your needs.
Clement
> -----Original Message-----
> From: dailydave-bounces@lists.immunitysec.com [mailto:dailydave-
> bounces@lists.immunitysec.com] On Behalf Of Kurt Seifried
> Sent: Saturday, September 04, 2004 7:55 PM
> To: Clarke, Tyronne (Contractor); pen-test@securityfocus.com;
> dailydave@lists.immunitysec.com
> Cc: focus-ms@securityfocus.com
> Subject: Re: [Dailydave] RE: Network Exploitation Tools aka
> ExploitationEngines
>
> >Based upon experienced findings during live testing, which product
> provides
> >you with most clarity of comprehensive information( CANVAS or CORE
> >Impact? ). You >mentioned CANVAS allows you to look under the hood and
> >analyze the exploits but what about CORE Impact.
>
>
> Core impact uses Python for the exploits, so you can look under the hood
> quite easily so to speak.
>
>
> Kurt Seifried, kurt@seifried.org
> A15B BEE5 B391 B9AD B0EF
> AEB0 AD63 0B4E AD56 E574
> http://seifried.org/security/
>
>
> _______________________________________________
> Dailydave mailing list
> Dailydave@lists.immunitysec.com
> http://www.immunitysec.com/mailman/listinfo/dailydave
------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:03 EDT