mailing list archives
Re: nmap idea
From: Fyodor <fyodor () insecure org>
Date: Mon, 4 Apr 2011 12:10:54 -0700
On Sun, Apr 03, 2011 at 03:13:33PM -0500, Ron wrote:
I don't speak for Nmap or anything, but I have a question about your
proposal: how does Nmap get the sourcecode to applications, and why
would you use Nmap (as opposed to other static analysis tools)?
It seems to me that, despite Nmap's growing number of uses, this
falls outside of what Nmap can really excel at.
Very well put, Ron!
Eugene: I agree that source code security analysis is an important
field, but Nmap's focus is on a very different sort of scanning. So
we probably wouldn't sponsor a source code analysis propject. But if
you can think of a proposal which is more inline with Nmap's core
competencies, I hope you apply for Nmap! Or if you really want to do
source code analysis, perhaps it would be a good match for one of the
other SoC projects:
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/