[WEB SECURITY] [Tool Release] TA-Mapper BETA: Application Pen-Testing Effort Estimator

Debasis Mohanty debasis.mohanty.listmails at gmail.com
Thu Jan 1 12:37:37 EST 2009

Happy New Year To All!

Time and Attack Mapper (alternatively known as TA-Mapper) is an effort
estimator tool for blackbox security assessment (or Penetration Testing) of
applications. This tool provides more accurate estimation when compared to
rough estimation. Penetration testers who always has hard time
explaining/justifying the efforts charged (or quoted) to their customers can
find this tool handy by able to calculate efforts with greater accuracy
required for application penetration testing. 

I wrote this tool back in 2004 to support some of my freelancing assessment.
I was intrigued to write this tool when I was asked by one of my Fortune 100
customer to justify efforts quoted against the activities for a penetration
testing assignment. It not just helped me win the project but also help me
educate the customer in knowing the activities involved at the micro-level.
After making few changes in the tool I thought I have kept it private too
long and its right time to share it with the world. 

Get it here: http://www.coffeeandsecurity.com/resources/tools/tamapper.aspx


Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn

More information about the websecurity mailing list