SAINTscanner and exploit
August 01, 2008
£1,370 for a class-C network for both scanner and exploit (one-year subscription)
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Vulnerability and penetration testing in one easy-to-use product
- Weaknesses: Available only for Linux or Mac architectures
- Verdict: We were really pleased to see how well this workhorse has matured over the years
SAINTscanner and SAINTexploit are two great tools wrapped up to work together to provide an in-depth view of vulnerabilities throughout a network. While the scanner uncovers the vulnerabilities, it is Saint Exploit that is the true star of this combination. It can run various exploits remotely, locally and through an already compromised target on to others throughout the network.
We found this product to be quite easy to use. Installation is done on a Linux platform, but we found we did not have to be Linux gurus to run it. The installation steps really were the only command-based piece, and the documentation outlined this process quite well. Once installed, all administration is done through an intuitive GUI with simple tab-top navigation. These tools were also very well integrated with each other in the same interface, so there was no bouncing back and forth between them.
This solution performed very nicely in our test environment. After scanning was complete, creating reports was quick and easy with SAINTwriter. These reports gave an excellent amount of detail in an easy-to-read format. You can also view results quickly in the GUI itself, and all the results can be organised by severity, name or host.
Documentation is in the form of a single PDF document. This guide includes all the necessary installation requirements and tasks, as well as a great amount of detail on configuring and using the product. We found this information to be well organised and easy to follow. However, we would have liked to see some screenshots for better and easier understanding of the product.
Saint includes office-hour phone and email technical support, while 24/7 assistance can be purchased for an additional ten per cent of the list price. Other support available on the website includes product documentation, updates, FAQs, compliance information and exploit lists.
At just under £1,400, this product is a good alternative or addition to an already existing penetration tool for almost any size environment. It combines an easy-to-use look and feel with some highly comprehensive testing ability.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry