Dailydave mailing list archives
Re: Remote language detection
From: "Steven M. Christey" <coley () mitre org>
Date: Thu, 7 Dec 2006 17:27:51 -0500 (EST)
There's been a commoditization of known vulnerabilities. I don't think it will be that long from now where a penetration testing service that does not offer 0day testing will be completely devalued. Essentially this is where penetration testing is already, since most of what you do in a test is web-based which is essentially 0day testing.
If so, then this could be a worrisome trend if professionals keep off-the-shelf 0days for a competitive advantage instead of notifying the vendors and working on a fix. Obviously location-specific custom software does not apply here. I think something similar to that happened in the early days of vulnerability scanners. - Steve _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Remote language detection Dave Aitel (Dec 06)
- <Possible follow-ups>
- Re: Remote language detection Steven M. Christey (Dec 07)