|Main Archive Page > Month Archives > full-disclosure-uk archives|
Good day all,
Give a few keys from me:
On Fri, 8 Jan 2010 16:42:33 -0400, firstname.lastname@example.org wrote:
> I played with it a little yesterday and posted my thoughts (as well as
> a summary of their whole scan) at:
> It is a nice tool with some good checks looking for SQL, XSS, etc... I
> just think they
> didn't look deep enough in my site to check more stuff...
> On Thu, Jan 7, 2010 at 11:58 AM, Robin Sage <email@example.com>
>> If anyone has any more invite codes please send one to me. >> I tried the ones posted and they were not functional. >> I also emailed support and never received a response. >> >> Has anyone compared this to AppScan, WebInspect, Sentinnel, Qualys or >> Acunetix ? >> How many trials do you get per invite code? Just 1 app? >> >> Thanks! >> >> ________________________________ >> From: Jardel Weyrich <firstname.lastname@example.org> >> To: p8x <email@example.com> >> Cc: firstname.lastname@example.org >> Sent: Thu, January 7, 2010 9:33:07 AM >> Subject: Re: [Full-disclosure] iiscan results >> >> It's probably trying to get different results/responses by changing >> the values of some request headers. The most common scenario, as far >> as I've seen, and as oddly as it might sound, is the User-Agent and >> HTTP minor version. >> >> A more verbose logging strategy would demystify. Or maybe Vincent? >>
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
-- ----------------------------------------------------------------- Best regards! Vladimir Vorontsov, security expert. ONsec: turn on security _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/