🦅 Simo What are you working on right now?
🗿 Ali Not yet. I worked on a scanner project for 3 years and discovered some common issues in web application security scanners. All of them have same problems by design. Based on my researches and ideas I started to make the framework ;)
🦅 Simo if it's not a huge secret, what's the common problem with the scanners? Out of interest since I also do work in the cybersecurity product domain, but on the detection side.
🗿 Ali 1. A global predefined and fixed config for any thing. e.g. global parameter variation limit. for example max to be 50 for "p=1234" and "p=settings.php" 2. Missing differential analysis on captured pages and results. 3. Missing ML feature-based analysis. 4. They think all of paths as file/dir and not file/dir and function/mounted route. Tell about your works.