🦅 Simo What are you working on right now?
🗿 Ali My own web application security testing framework.
4y, 23w 11 replies
🦅 Simo anything public on it yet?
4y, 23w 5 replies
🗿 Ali Not yet. I worked on a scanner project for 3 years and discovered some common issues in web application security scanners. All of them have the same problems by design. Based on my research and ideas, I started to make the framework ;)
4y, 23w 4 replies
🦅 Simo if it's not a huge secret, what's the common problem with the scanners? Out of interest since I also do work in the cybersecurity product domain, but on the detection side.
4y, 23w 3 replies
🗿 Ali 1. A global, predefined and fixed config for anything, e.g. a global parameter variation limit; for example, a max of 50 for "p=1234" and "p=settings.php". 2. Missing differential analysis on captured pages and results. 3. Missing ML feature-based analysis. 4. They think of all paths as file/dir, and not as file/dir and function/mounted route. Tell me about your work.
4y, 23w 2 replies