Penetration Testing mailing list archives
Re: Vuln Scanner for Web App Source Code
From: bigbert007 <bigbert007 () gmail com>
Date: Tue, 27 May 2008 10:49:38 -0400
Check out Ounce from www.ouncelabs.com or Fortify at www.fortify.com. Cheers! NL Nathan LaFollette (2094) wrote:
Veracode is way better than AppScan & WebInspect in my findings. They do static binary analysis. And AppScan & WebInspect have way too many false positives you have to deal with. -n-----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Kevin Reiter Sent: Wednesday, May 21, 2008 2:30 PM To: pen-test () securityfocus com Subject: RE: Vuln Scanner for Web App Source Code Vericode - http://www.veracode.com -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]On Behalf Of cnanne () gmail com Sent: Sunday, May 18, 2008 12:16 AM To: pen-test () securityfocus com Subject: Vuln Scanner for Web App Source Code This might be a bit of a dumb question, but does anyone know of a good Vulnerability Scanner for finding faults in the actual Source Code of the Web App? Or can this task can only be done by hand? Any feedback on this is highly appreciative cheers, PhoenixRbrth This message may contain confidential or proprietary information and is intended solely for the individual(s) to whom it is addressed. If you are not a named addressee you should not disseminate, distribute or copy this e-mail or act upon the information contained herein. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Find out now! Get Webinar Recording and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------ ------------------------------------------------------------------------ This list is sponsored by: CenzicTop 5 Common Mistakes in Securing Web Applications Find out now! Get Webinar Recording and PPT Slideswww.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
--- avast! Antivirus: Outbound message clean. Virus Database (VPS): 080527-0, 05/27/2008 Tested on: 5/27/2008 10:49:40 AM avast! - copyright (c) 1988-2008 ALWIL Software. http://www.avast.com ------------------------------------------------------------------------ This list is sponsored by: CenzicTop 5 Common Mistakes in Securing Web Applications Find out now! Get Webinar Recording and PPT Slides
www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
Current thread:
- Vuln Scanner for Web App Source Code cnanne (May 18)
- Re: Vuln Scanner for Web App Source Code r (May 18)
- Re: Vuln Scanner for Web App Source Code Jason (May 21)
- Re: Vuln Scanner for Web App Source Code bugtraq (May 22)
- Re: Vuln Scanner for Web App Source Code Mike Duncan (May 22)
- Re: Vuln Scanner for Web App Source Code Haroon Meer (May 23)
- RE: Vuln Scanner for Web App Source Code Kevin Reiter (May 22)
- RE: Vuln Scanner for Web App Source Code NL Nathan LaFollette (2094) (May 23)
- Re: Vuln Scanner for Web App Source Code bigbert007 (May 28)
- RE: Vuln Scanner for Web App Source Code NL Nathan LaFollette (2094) (May 23)
- <Possible follow-ups>
- RE: Vuln Scanner for Web App Source Code FF (May 19)