Re: RE: RE: Informing Companies about security vulnerabilities...

From: none@none.com
Date: Thu Oct 05 2006 - 17:06:44 EDT

• Next message: stillnone@none.com: "Re: RE: Informing Companies about security vulnerabilities..."
• Previous message: mr.nasty@ix.netcom.com: "RE: Informing Companies about security vulnerabilities..."
• Maybe in reply to: Levenglick, Jeff: "RE: RE: Informing Companies about security vulnerabilities..."
• Next in thread: Matthew Leeds: "Re[4]: Informing Companies about security vulnerabilities..."
• Reply: Matthew Leeds: "Re[4]: Informing Companies about security vulnerabilities..."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

or just sticking <script> tags into forms and seeing the response is a pen test?

is using an web scanner that tests for XSS or SQL injection a pen test?

running some BS web scanner against a site isnt a pen test even though alot of people on this list seem to think it is...

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

• Next message: stillnone@none.com: "Re: RE: Informing Companies about security vulnerabilities..."
• Previous message: mr.nasty@ix.netcom.com: "RE: Informing Companies about security vulnerabilities..."
• Maybe in reply to: Levenglick, Jeff: "RE: RE: Informing Companies about security vulnerabilities..."
• Next in thread: Matthew Leeds: "Re[4]: Informing Companies about security vulnerabilities..."
• Reply: Matthew Leeds: "Re[4]: Informing Companies about security vulnerabilities..."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:07 EDT