Scanner + Exploit
August 04, 2008
$2,695 for a Class C network
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Vulnerability/penetration testing in one easy-to-use product.
- Weaknesses: Available only for Linux or Mac architectures.
- Verdict: We were really pleased to see how well this workhorse has matured over the years. It came within a hair of being our Recommended product.
Saint Scanner and Saint Exploit 6.7.11 are two great tools wrapped up to work together to provide an in-depth view of vulnerabilities throughout a network. To be sure of total security risk, the integration of these products allows for not only vulnerability assessment, but also the attempt at exploiting those vulnerabilities. While the Scanner uncovers the vulnerabilities, it is Exploit that is the true star of this combination. Exploit can run various exploits remotely, locally and through an already compromised target onto others throughout the network.
We found this product to be quite easy to use. Installation is done on a Linux platform, but we found we did not have to be Linux experts to run it. The installation steps really were the only command-based piece of this product, and the documentation outlined these step quite well.
Once installed, all of the administration is done through an intuitive GUI, with simple tab top navigation. We also found that these products were very well integrated with each other in the same interface, so there was no bouncing back and forth between them.
This product performed nicely in our test environment. After scanning was complete, we found that creating reports was quick and easy with Saintwriter. These reports gave an excellent amount of detail in a nice easy to read format. It is also possible to view results quickly in the GUI itself, and all the results can be organized by severity, name or host.
Documentation comes in the form of a single PDF document. This guide includes all the necessary installation requirements and tasks, as well as a great amount of detail on configuring and using the product. We found this documentation to be well organized. However, we would have liked screen shots for easier understanding.
Saint includes eight hours a day/five days a week phone and email technical support, while 24/7 support can be purchased for 10 percent of the list price.
At just under $2,700, this solution is a good alternative, or addition to, an already existing penetration tool for almost any size environment. It combines an easy-to-use look and feel with some highly comprehensive testing ability.
Sign up to our newsletters
SC Magazine Articles
- CISO salaries and demand for cyber-skills skyrockets, surprising no-one
- Student SSNs exposed in University of Central Florida breach
- Malwarebytes says sorry for multiple AV bugs, still unpatched
- Ransomware and POS attackers to zero in on small businesses, retailers
- TaxAct breached: Customer banking and Social Security information compromised
- Hacker threatens to expose info on DHS, FBI employees
- Avast patches its web browser after Google finds flaw in Chromium-inspired product
- Draft bill seeks to improve U.S. military cyber warfare capabilities
- Skype targeted by T9000 backdoor trojan
- Clean house to keep WordPress infection from coming back again and again