Kali Linux vs. ManageEngine Application Control Plus vs. Metasploit

Kali Linux is especially well suited in environments where high security is needed for your custom developed applications. This is well suited for offensive testing your high security in house developed applications. It is also very good for doing penetration testing on in house developed applications and safe guarding them from external attackers. Kali Linux is tough for use as a day to day Linux operating system as this was never intended to be used by beginners and occasional Linux users.

Incentivized

It works great if you want to run an application as an admin. We did find out that it will not work, or at least we cannot get it to work for users that need to change the IP address on their endpoint to connect to a traffic light. So far those users are still admins until we can figure it out

Incentivized

It is easy to use with sufficient documentation on how to use the tools for end users or newbies. Experienced testers will find it easy to customise and configure the test cases. Just wished that I could have taken up a course on using this tool in my study days so that I could had explored more and improved my familiarity with the tool, unlike when working where access and time to explore the other features of the tool is limited

Incentivized

• Analyzing SSL certificates
• Analyzing SSL server configurations
• Vulnerability scanning
• Port scanning

Incentivized

• Console built well and easy to understand
• Support is awesome
• Pulls in the exe information so that it is easy to allow the application to be ran as an admin

Incentivized

• Easy to use.
• Many exploits available.
• Multi-platform.

Incentivized

• Option to deselect tools upon install
• Instructions for all the tools
• Lightweight install option

Incentivized

• The agent on the endpoint will sometimes fail to install or it will get corrupted. Nothing in the console that we can find tells us that there is an issue
• Create an agent that also works with the other products that you sell. If we have more than one product there is a chance that it may not work
• I really do not have a 3rd. This is a really good product

Incentivized

• More robust menus
• Better plugin inter-operation

Incentivized

Extremely easy to use. Once we had a good idea of how it worked we had it up and running in about 2 weeks. It did take us nearly 9 months to get it installed and fully operational on all users endpoints that needed it. My admin on the team that runs the software loves it.

Incentivized

We don't use it.

Incentivized

I will Stack Kali Linux at the top of among to its similar devices.

Incentivized

ME has many more applications that are in the database that will work. The cost was also much cheaper that is until we confronted the other vendor about us finding another product. At that point it was too late. We own other ME products and have found success in all of them

Incentivized

Metasploit is the most well-known tool in the average pen tester's toolkit. It's hard to compare to its neighbor's due to its size and following.

Incentivized

• Costs
• Time taken to setup
• Configurations needed for each use

Incentivized

• This product will help us better secure our environment. That alone is a huge cost savings
• We have allowed users that were admins to still be able to install some software on their endpoints without having admin rights on the whole endpoint
• This product has woke up some in the department to look for applications that do not require admin rights.

Incentivized

• Positive: Improves efficiency of our network penetration testing operations.
• Positive: Allows for collaboration and information sharing during a penetration test.

Incentivized