lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <e9d9d4020801012051k3cd0bc9eu161401214b9be62f@mail.gmail.com>
Date: Tue, 1 Jan 2008 22:51:30 -0600
From: reepex <reepex@...il.com>
To: "Andre Gironda" <andreg@...il.com>, full-disclosure@...ts.grok.org.uk
Subject: Re: [Professional IT Security Providers -
	Exposed] QuietMove ( D - )

On Jan 1, 2008 9:53 PM, Andre Gironda <andreg@...il.com> wrote:

> I wouldn't do a direct comparison, but I thought UPT was more about being
> funny than being seriously
> challenging.


ok so they are nothing alike because ptp/hts actually teach you stuff while
"UPT" was for jokes... so your post was stupid


> Look, you rated Denim Group as A-.  You must either work there - or
> know the guys.  Dan Cornell is a moron compared to Adam Muntner - and
> his code is certainly worse (e.g. Sprajax).


I am not a part of secreview but I realize following email threads is very
complicated for you.


> Adam and team know Burp Suite, use manual web application testing - in
> addition to traditional dynamic and static analysis.
>
> I have seen Adam and crew using Fortify Software's SCA and Tracer
> tools.  I have seen them using Hailstorm ARC and modifying the
> Javascript included in the SmartAttack library.  I would call this a
> best-of-breed security testing methodology.


So you list 5 tools they use then mention they modify a javascript
library...  So basically they use automated tools and  are former  web
developers ... sound pretty hardcore


> More people will read mine than anything you do -- and with my name on it
> -- they are certainly bound to take it a lot more seriously.
>

You must be a cissp because you take yourself and the internet very
seriously. I am pretty sure no one cares about your opinion either.

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ