I was using the tool for a customer to get quick feedback on their remediations of a known vulnerability while working. The check from their site for the CVE we were mitigating showed all clear from pentest-tools, but it was not all clear. They gave a false negative (far worse than a false positive). I donwloaded a python script from the software vendor to check for the vulnerability in their product and the vendor tool verified that the site was indeed vulnerable. I submitted a ticket to pentest-tools support on January 22 and they responded on February 3 with some advice straight off the support script (useless). I cancelled the service. How are you going to trust a penetration testing website that tells you you are clear for a specific CVE when you most definitely are not clear for that CVE?
Дата отзыва 2020-02-03 18:58:05
Информируйте нас если этот отзыв содержит неправдивую информацию, оскорблительные слова или не соответствует другим нашим стандартам отзыва.
Пожалуйста, войдите или зарегистрируйтесь, чтоб принять участие в голосовании