Secure Coding mailing list archives
free scans from Google...
From: kowsik at gmail.com (kowsik)
Date: Mon, 22 Mar 2010 11:15:34 -0700
Unlike other services from Google, you have the source so you can see if it calls home. BTW, Michal has done some great work in the past (TCP strange attractors being one of my favorite ones). The phase-space approach for sequence numbers is now used quite a bit in a number of web-app scanners for entropy analysis of cookies and session-ids, amongst other things. K. --- http://www.pcapr.net http://labs.mudynamics.com http://twitter.com/pcapr On Fri, Mar 19, 2010 at 1:39 PM, Benjamin Tomhave <tomhave at secureconsulting.net> wrote:
I guess we can all retire now, eh? I find it so exciting that the app is "written in pure C"... and coming from Google, I'm sure it won't leak info back to the mothership at all... "Meet skipfish, our automated web security scanner" http://googleonlinesecurity.blogspot.com/2010/03/meet-skipfish-our-automated-web.html -- Benjamin Tomhave, MS, CISSP tomhave at secureconsulting.net Blog: http://www.secureconsulting.net/ Twitter: http://twitter.com/falconsview LI: http://www.linkedin.com/in/btomhave [ Random Quote: ] "Do you think that when they asked George Washington for ID that he just whipped out a quarter?" Steven Wright _______________________________________________ Secure Coding mailing list (SC-L) SC-L at securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________
Current thread:
- free scans from Google... Benjamin Tomhave (Mar 19)
- free scans from Google... Kevin W. Wall (Mar 20)
- free scans from Google... kowsik (Mar 22)