Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



WebApp Sec: RE: Web Application Penetration Testing Methodology Patent

RE: Web Application Penetration Testing Methodology Patent

From: Richard M. Smith <rms_at_computerbytesman.com>
Date: Fri, 16 Jan 2004 12:01:28 -0500

Here's the actual patent:

   http://tinyurl.com/2zndg

The patent was filed in March 2001. The claims section is the revalent part
of the patent to read to see if anyone was doing the samething before
Sanctum.

Richard

-----Original Message-----
From: Matthew Wagenknecht [mailto:Matthew.Wagenknecht_at_quantum.com]
Sent: Friday, January 16, 2004 11:10 AM
To: 'Levenglick, Jeff'; webtester_at_hushmail.com; webappsec_at_securityfocus.com;
pen-test_at_securityfocus.com
Subject: RE: Web Application Penetration Testing Methodology Patent

Wow, Jeff.. Where did that come from?

I think that this request is quite legitimate. It has much more to do with
pen-test and web application security than legal issues.. Truth is Sanctum's
patent request is an attampt to own common sense. The methodology detailed
in the patent request is not the result of an internal think tank at Sanctum
that came up with a new thought process for web app penetration testing. The
details basically describe the equivilent of walking up to every house on a
street and rattling the dorr knobs. If the dorr doesn't open easily, try
every key-like object in their possesion to jimmy the lock.

It's like me trying to patent how I pay bills and not allowing anyone else
to do it that way.. It's just silly..
Received on Jan 16 2004

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]