[prev in list] [next in list] [prev in thread] [next in thread] 

List:       webappsec
Subject:    Administrivia +SiteDigger
From:       "Mark Curphey" <mark () curphey ! com>
Date:       2004-05-28 2:50:53
Message-ID: 200405280250.WAA13068 () valiant ! cnchost ! com
[Download RAW message or body]

List moderation over the next 14 days or so maybe slow. It will also be on a
combination of time zones so the usual SLA of 2 mins for post approvals
(grin) may not be met. 

Seriously on that front the list server software is often sporadic. I
sometimes have to send messages twice and they arrive out of order so please
accept SMTP is an unreliable protocol and prone to errors. Apart from the
delightful Nigerian business man who offers me $50 million 20 times and day
and the other 400 plus ave spam mails I get a day, I rarely don't approve
posts so if it doesn't show up send it again. 

You may also want to know that Foundstone today released what I think is an
interesting free tool and whitepaper for web app pen testers called
SiteDigger written by Kartik Trivedi. SiteDigger uses the Google web
services API to look for potential security vulnerabilities cached by the
Google search engine. Its pretty amazing at what's out there. We will
probably release the source code in the next release and have a series of
free tools like this coming out in the coming months. 

You can download SiteDigger at www.foundstone.com/s3i

Cheers and Aloha (guess where I am !)

Mark

[prev in list] [next in list] [prev in thread] [next in thread]