Scanner + Exploit
August 04, 2008
$2,695 for a Class C network
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Vulnerability/penetration testing in one easy-to-use product.
- Weaknesses: Available only for Linux or Mac architectures.
- Verdict: We were really pleased to see how well this workhorse has matured over the years. It came within a hair of being our Recommended product.
Saint Scanner and Saint Exploit 6.7.11 are two great tools wrapped up to work together to provide an in-depth view of vulnerabilities throughout a network. To be sure of total security risk, the integration of these products allows for not only vulnerability assessment, but also the attempt at exploiting those vulnerabilities. While the Scanner uncovers the vulnerabilities, it is Exploit that is the true star of this combination. Exploit can run various exploits remotely, locally and through an already compromised target onto others throughout the network.
We found this product to be quite easy to use. Installation is done on a Linux platform, but we found we did not have to be Linux experts to run it. The installation steps really were the only command-based piece of this product, and the documentation outlined these step quite well.
Once installed, all of the administration is done through an intuitive GUI, with simple tab top navigation. We also found that these products were very well integrated with each other in the same interface, so there was no bouncing back and forth between them.
This product performed nicely in our test environment. After scanning was complete, we found that creating reports was quick and easy with Saintwriter. These reports gave an excellent amount of detail in a nice easy to read format. It is also possible to view results quickly in the GUI itself, and all the results can be organized by severity, name or host.
Documentation comes in the form of a single PDF document. This guide includes all the necessary installation requirements and tasks, as well as a great amount of detail on configuring and using the product. We found this documentation to be well organized. However, we would have liked screen shots for easier understanding.
Saint includes eight hours a day/five days a week phone and email technical support, while 24/7 support can be purchased for 10 percent of the list price.
At just under $2,700, this solution is a good alternative, or addition to, an already existing penetration tool for almost any size environment. It combines an easy-to-use look and feel with some highly comprehensive testing ability.
Sign up to our newsletters
SC Magazine Articles
- Zero-day in Fiat Chrysler feature allows remote control of vehicles
- 'GSMem' malware designed to infiltrate air-gapped computers, steal data
- All smartwatches are vulnerable to attack, finds study
- Apple App Store and iTunes buyers hit by zero-day
- Hacking Team issues new statement while researcher clears up Android tool confusion
- United reportedly hacked by same group that breached Anthem, OPM
- HAMMERTOSS malware represents culmination of 'best practices' for cyber attackers
- Hundreds of Massachusetts General Hospital patients notified of data incident
- Majority of Android devices vulnerable to denial-of-service bug
- Security concerns raised at Windows 10 roll-out