Re: Re: Security vulnerability tools

["Larry W. Cashdollar" <larry0 () me com>]

I've used fsnoop http://vladz.devzero.fr/fsnoop.php for /tmp file use auditing.



On Apr 01, 2013, at 06:53 AM, Corey Bryant <coreyb () linux vnet ibm com> wrote:

> On 03/31/2013 11:31 PM, Zhao, Passion wrote:
> > For static analysis, suggest to add 'klocwork'
> > For fuzzing, how about adding 'peach'?
> > And openVAS for network vulnerabilities scanning.
>
> Thanks for the input! I've added these to the wiki.
>
> By the way (and this is not in reply to you, Passion) I've also added a
> statement to the effect of "no guarantees" to the page, since the list
> is growing and I don't have time to evaluate all of the tools at the moment.
>
> It would be nice to have a +1 type of feature next to each tool on the wiki.
>
> --
> Regards,
> Corey Bryant
>
> >
> >
> > --
> > Best regards,
> > - Passion
> > iNet: 8751-1986
> >
> >
> > -----Original Message-----
> > From: Corey Bryant [mailto:coreyb () linux vnet ibm com]
> > Sent: Friday, March 29, 2013 9:22 PM
> > To: oss-security () lists openwall com
> > Subject: [oss-security] Re: Security vulnerability tools
> >
> > Thanks to everyone who provided tooling input. If anyone else has anything
> > else, please let me know.
> >
> > Based on the input I've updated the wiki at:
> > http://oss-security.openwall.org/wiki/tools
> >
> > --
> > Regards,
> > Corey Bryant
> >