lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <F50FBEAD7A52B8468B9F3C875916681AEEE599@BXCH2K.bjw2k.asg>
Date: Fri Feb 24 16:03:34 2006
From: tkrpata at bjs.com (Krpata, Tyler)
Subject: Automated Vulnerability Scanners

You're probably not searching specifically enough. "New, unknown
problems" is a pretty vague thing to look for. If you are looking for an
automated tool to find specific types of vulnerabilities, you will
probably have better luck. For example if you're looking to scan C
source code for vulnerabilities, you would find a completely different
set of tools and tests than if you wanted to scan web apps from the UI
side. (Just for example.)  

-----Original Message-----
From: Q Beukes [mailto:full-disclosure@...t.za.net] 
Sent: Friday, February 24, 2006 10:21 AM
To: Full Disclosure
Subject: Re: [Full-disclosure] Automated Vulnerability Scanners

no, what I was talking about was programs/algorithms that actually scan
software to find new unknown problems.

i have never heard of anything like this myself nor can't think of an
efficient way of implementing it, yet someone claimed they exist.

I can't find any on google either?

Gadi Evron wrote:

> Q Beukes wrote:
>
>> Hey,
>>
>> Recently an interesting topic on a forum cought my attention. The 
>> topic was about automated vulnerability scanning.
>>
>> Does anyone know of a good not-toooooo-technical FAQ/Paper on this 
>> topic?
>> Does anyone know any good such scanners?
>
>
> Beyond security (who I work for).
> Qualys.
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ