OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Re: [Full-disclosure] Automated Vulnerability Scanners

From: Dude VanWinkle (dudevanwinklegmail.com)
Date: Fri Feb 24 2006 - 13:36:56 CST


On 2/24/06, Q Beukes <full-disclosurelist.za.net> wrote:
> no, what I was talking about was programs/algorithms that actually
> scan software to find new unknown problems.
>
> i have never heard of anything like this myself nor can't think of an
> efficient way
> of implementing it, yet someone claimed they exist.
>
> I can't find any on google either?

Are you talking about something that looks through the source code for
a bad malloc implementation, or something that will try to go through
the assembly for an off-by-one error?

-JP
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/