Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Penetration Testing: Re: Vuln Scanner for Web App Source Code

Re: Vuln Scanner for Web App Source Code

From: bigbert007 <bigbert007_at_gmail.com>
Date: Tue, 27 May 2008 10:49:38 -0400

Check out Ounce from www.ouncelabs.com or Fortify at www.fortify.com.

Cheers!

NL Nathan LaFollette (2094) wrote:
> Veracode is way better than AppScan & WebInspect in my findings. They
> do static binary analysis. And AppScan & WebInspect have way too many
> false positives you have to deal with.
>
> -n
>
>
> -----Original Message-----
> From: listbounce_at_securityfocus.com [mailto:listbounce_at_securityfocus.com]
> On Behalf Of Kevin Reiter
> Sent: Wednesday, May 21, 2008 2:30 PM
> To: pen-test_at_securityfocus.com
> Subject: RE: Vuln Scanner for Web App Source Code
>
> Vericode - http://www.veracode.com
>
> -----Original Message-----
> From: listbounce_at_securityfocus.com
> [mailto:listbounce_at_securityfocus.com]On Behalf Of cnanne_at_gmail.com
> Sent: Sunday, May 18, 2008 12:16 AM
> To: pen-test_at_securityfocus.com
> Subject: Vuln Scanner for Web App Source Code
>
>
> This might be a bit of a dumb question, but does anyone know of a good
> Vulnerability Scanner for finding faults in the actual Source Code of
> the Web App? Or can this task can only be done by hand?
>
>
> Any feedback on this is highly appreciative
>
>
>
> cheers,
>
>
> PhoenixRbrth
>
>
> This message may contain confidential or proprietary information and is
> intended solely for the individual(s) to whom it is addressed. If you
> are not a named addressee you should not disseminate, distribute or copy
> this e-mail or act upon the information contained herein. Please notify
> the sender immediately by e-mail if you have received this e-mail by
> mistake and delete this e-mail from your system.
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Top 5 Common Mistakes
> in Securing Web Applications
> Find out now! Get Webinar Recording and PPT Slides
>
> www.cenzic.com/landing/securityfocus/hackinar
> ------------------------------------------------------------------------
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Top 5 Common Mistakes
> in Securing Web Applications
> Find out now! Get Webinar Recording and PPT Slides
>
> www.cenzic.com/landing/securityfocus/hackinar
> ------------------------------------------------------------------------
>
>
>
> 

---
avast! Antivirus: Outbound message clean.
Virus Database (VPS): 080527-0, 05/27/2008
Tested on: 5/27/2008 10:49:40 AM
avast! - copyright (c) 1988-2008 ALWIL Software.
http://www.avast.com
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Top 5 Common Mistakes 
in Securing Web Applications  
Find out now! Get Webinar Recording and PPT Slides
www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------
Received on May 28 2008
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]