Hosting Provided By

RE: no standards for webapp exploitation

From: ned <nd(at)felinemenace.org>
Date: Thu Jul 03 2003 - 09:15:49 EDT

about the variable comment - reasoning:
the punters (company's) that buy my product (theoreticalally) want to build a script to check each server for X exploit. they should not have to think, and therefore should not have to use their own variables to accomplish this. example:

k = websec()
x = scanner()

k.settype("eeye.printer")
x.credentials("172.16.:80")
x.run(k)

extensible API's like that one would negate the need for punter interaction (PI) which can lead to all sorts of ghastly things.

an remember, its a hell of a lot easier to write tutorials for API's you've developed than that of languages you write in.

On Thu, 3 Jul 2003, NC Agent wrote:

> Hi Ned,

-- 
http://felinemenace.org/~nd

Received on Thu Jul 3 11:41:33 2003

This message: [ Message body ]
Next message: dave(at)immunitysec.com: "Re: no standards for webapp exploitation"
Previous message: Ingo Struck: "OWASP publishes the VulnXML db first draft release"
Maybe in reply to: ned: "no standards for webapp exploitation"
In reply to Dawes, Rogan (ZA - Johannesburg): "RE: no standards for webapp exploitation"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:53 EDT