Penetration Testing mailing list archives
Re: [PEN-TEST] Scanning Web Proxy -- Preliminary Concept
From: Alex Butcher <alex () S3 INTEGRALIS CO UK>
Date: Fri, 15 Dec 2000 10:07:05 +0000
Philip Stoev wrote:
Hello, I am not certain if this is the proper list to post to, however I would like to bring about to your attention an idea of mine (no code yet). Any feedback, including yells like "We already did something like that!" are highly appreciated.
"Someone already did something like that!" :) Achilles, from Digizen-Security <http://www.digizen-security.com/downloads.html> does most of what you describe. It doesn't attempt to find vulnerabilities automatically though. AppScan from Sanctum Inc. <http://www.sanctuminc.com/> does purport to find vulnerabilities automatically, but I haven't seen it in Real Life yet. But hey, don't let me put you off; I found Achilles a little flakey, plus it only runs on Win32, which I find to be a source of pain. An Open Source UNIX-workalike-but-better would truly rock. :)
http://www.stoev.org/proxy/preliminary-concept.html
Philip Stoev
Best Regards, Alex. -- Alex Butcher PGP/GnuPG Key IDs: Consultant, S3 Systems Security Services alex@s3 B7709088 PGP: http://www.s3.integralis.co.uk/pgp/alex.pgp alex.butcher@ 885BA6CE
Attachment:
alex.vcf
Description: Card for Alex Butcher
Current thread:
- [PEN-TEST] Scanning Web Proxy -- Preliminary Concept Philip Stoev (Dec 15)
- Re: [PEN-TEST] Scanning Web Proxy -- Preliminary Concept Glenn Williamson (Dec 15)
- Re: [PEN-TEST] Scanning Web Proxy -- Preliminary Concept Alex Butcher (Dec 16)
- Re: [PEN-TEST] Scanning Web Proxy -- Preliminary Concept Philip Stoev (Dec 16)
- <Possible follow-ups>
- Re: [PEN-TEST] Scanning Web Proxy -- Preliminary Concept vort-fu (Dec 15)