Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Automated Vulnerability Scanners

From: "Krpata, Tyler" <tkrpata () bjs com>
Date: Fri, 24 Feb 2006 11:03:26 -0500
You're probably not searching specifically enough. "New, unknown
problems" is a pretty vague thing to look for. If you are looking for an
automated tool to find specific types of vulnerabilities, you will
probably have better luck. For example if you're looking to scan C
source code for vulnerabilities, you would find a completely different
set of tools and tests than if you wanted to scan web apps from the UI
side. (Just for example.)  

-----Original Message-----
From: Q Beukes [mailto:full-disclosure () list za net] 
Sent: Friday, February 24, 2006 10:21 AM
To: Full Disclosure
Subject: Re: [Full-disclosure] Automated Vulnerability Scanners

no, what I was talking about was programs/algorithms that actually scan
software to find new unknown problems.

i have never heard of anything like this myself nor can't think of an
efficient way of implementing it, yet someone claimed they exist.

I can't find any on google either?

Gadi Evron wrote:


Q Beukes wrote:


Hey,

Recently an interesting topic on a forum cought my attention. The 
topic was about automated vulnerability scanning.

Does anyone know of a good not-toooooo-technical FAQ/Paper on this 
topic?
Does anyone know any good such scanners?



Beyond security (who I work for).
Qualys.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: