Security Basics mailing list archives
Re: how to discover vulnerability?
From: "Andy Cuff [talisker]" <offthecuff () lineone net>
Date: Thu, 17 Apr 2003 20:58:13 +0100
Hi nguyen There are a few tools out there to help you, but it's a matter of keep plugging away. Look at existing vulnerabilities and figure out the methods used by others and adapt them. I'm no expert at this and it amazes me how some of the vulnerabilities are found, but mostly it comes down to crap code. I've been working on a new page for my site for instructor lead training courses that cover some of the advanced issues around vulnerabilities covering: Writing secure code Finding Vulnerabilities Writing Exploits It's still so much in it's infancy it's not even on the nav bar yet, but as you asked, you can find it at http://www.networkintrusion.co.uk/Csoftadvan.htm Taliskers Network Security Tools http://www.networkintrusion.co.uk ----- Original Message ----- From: "Quynh Nguyen Anh" <quynh () sfc keio ac jp> To: <security-basics () securityfocus com> Sent: Thursday, April 17, 2003 2:39 AM Subject: how to discover vulnerability?
hello, i have a question: almost every day, there are many security holes are discovered. i wonder how they can find these holes? 1. for open source softwares, they must read every source line ? 2. for closed source softwares, they must reverse engineering binary code
?
anway, i dont know exactly how they can discover holes! your ideas on this matter? many thanks. nguyen --------------------------------------------------------------------------
-
Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the world's premier event for IT and network security experts. The two-day Training features 6 hand-on courses on May 12-13 taught by professionals. The two-day Briefings on May 14-15 features 24 top speakers with no vendor sales pitches. Deadline for the best rates is April 25. Register today
to
ensure your place. http://www.securityfocus.com/BlackHat-security-basics --------------------------------------------------------------------------
--
--------------------------------------------------------------------------- Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the world's premier event for IT and network security experts. The two-day Training features 6 hand-on courses on May 12-13 taught by professionals. The two-day Briefings on May 14-15 features 24 top speakers with no vendor sales pitches. Deadline for the best rates is April 25. Register today to ensure your place. http://www.securityfocus.com/BlackHat-security-basics ----------------------------------------------------------------------------
Current thread:
- how to discover vulnerability? Quynh Nguyen Anh (Apr 17)
- RE: how to discover vulnerability? David Gillett (Apr 17)
- Re: how to discover vulnerability? Andy Cuff [talisker] (Apr 17)
- Re: how to discover vulnerability? K. K. Mookhey (Apr 21)
- <Possible follow-ups>
- Re: how to discover vulnerability? Ali Saifullah Khan (Apr 21)
- Re: how to discover vulnerability? dwarkeeper (Apr 25)