lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
From: johnspood at yahoo.com (Mr. John)
Subject: Vulnerability Disclosure Technics

Hi
A question is in my mind everywhen I see a
vulnerability disclosure. I want to know how a person
finds a security vulnerability in a software. Is there
a regular way?
Suppose that I am technical chair of a software group
and   we have a software that security consideration
is important for us. How can I test our software to
ensure that no security vulnerabilities (like buffer
overflow vuln) exists in our software product. Or it
is question for me how for example eEye find many
vulnerabilities in software products. Is there a
regular and formal way? Is there some tools, technics,
method, ... for this purpose, for finding a
vulnerability in a software?

Thanks
John



		
__________________________________
Do you Yahoo!?
New and Improved Yahoo! Mail - Send 10MB messages!
http://promotions.yahoo.com/new_mail

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ