Penetration Testing mailing list archives

RE: Vuln Scanner for Web App Source Code

From: "NL Nathan LaFollette (2094)" <Nathan.LaFollette () amgreetings com>
Date: Fri, 23 May 2008 15:42:48 -0400

Veracode is way better than AppScan & WebInspect in my findings.  They
do static binary analysis.  And AppScan & WebInspect have way too many
false positives you have to deal with.

-n
 

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Kevin Reiter
Sent: Wednesday, May 21, 2008 2:30 PM
To: pen-test () securityfocus com
Subject: RE: Vuln Scanner for Web App Source Code

Vericode - http://www.veracode.com

-----Original Message-----
From: listbounce () securityfocus com
[mailto:listbounce () securityfocus com]On Behalf Of cnanne () gmail com
Sent: Sunday, May 18, 2008 12:16 AM
To: pen-test () securityfocus com
Subject: Vuln Scanner for Web App Source Code


This might be a bit of a dumb question, but does anyone know of a good
Vulnerability Scanner for finding faults in the actual Source Code of
the Web App? Or can this task can only be done by hand?


Any feedback on this is highly appreciative



cheers,


PhoenixRbrth


This message may contain confidential or proprietary information and is
intended solely for the individual(s) to whom it is addressed.  If you
are not a named addressee you should not disseminate, distribute or copy
this e-mail or act upon the information contained herein.  Please notify
the sender immediately by e-mail if you have received this e-mail by
mistake and delete this e-mail from your system.


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes
in Securing Web Applications
Find out now! Get Webinar Recording and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes
in Securing Web Applications
Find out now! Get Webinar Recording and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------

Current thread:

Vuln Scanner for Web App Source Code cnanne (May 18)
- Re: Vuln Scanner for Web App Source Code r (May 18)
- Re: Vuln Scanner for Web App Source Code Jason (May 21)
  - Re: Vuln Scanner for Web App Source Code bugtraq (May 22)
  - Re: Vuln Scanner for Web App Source Code Mike Duncan (May 22)
    - Re: Vuln Scanner for Web App Source Code Haroon Meer (May 23)
- RE: Vuln Scanner for Web App Source Code Kevin Reiter (May 22)
  - RE: Vuln Scanner for Web App Source Code NL Nathan LaFollette (2094) (May 23)
    - Re: Vuln Scanner for Web App Source Code bigbert007 (May 28)
- <Possible follow-ups>
- RE: Vuln Scanner for Web App Source Code FF (May 19)