Nmap Development mailing list archives
Best practice for web vulnerability scripts?
From: Ron Bowes <ron () skullsecurity net>
Date: Tue, 27 May 2014 13:19:05 -0700
Hey, I gave Claudiu a simple vulnerability check to write - basically, an auth bypass in some CMS software. It has an associated CVE number and stuff. It could very easily be written as a http-enum.nse fingerprint, but I've noticed that some vulnerability scripts are being written separately so they can use the vulnerability library and report them by CVE number. What's the current best practice we're using? Thanks! Ron _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Best practice for web vulnerability scripts? Ron Bowes (May 27)
- RE: Best practice for web vulnerability scripts? Rob Nicholls (May 27)
- Re: Best practice for web vulnerability scripts? Ron Bowes (May 27)
- Re: Best practice for web vulnerability scripts? George Chatzisofroniou (May 28)
- Re: Best practice for web vulnerability scripts? Daniel Miller (May 28)
- Re: Best practice for web vulnerability scripts? George Chatzisofroniou (May 28)
- Re: Best practice for web vulnerability scripts? Daniel Miller (May 28)
- RE: Best practice for web vulnerability scripts? Rob Nicholls (May 27)