I wish I had the ultimate tool, whether that is a programing language such as perl, python and ruby, or whether it is a framework like metasploit and vulnerability scanner like nessus. I wish, but I know that such thing doesn’t exist and probably never will.
Lately I’ve been dropping a lot bash scripts on public forums and of course on work related projects. Many people came back to me asking why I chose bash. Python or perl would have been better! [...]
Oh yes, we certainly do! And let me tell you something: they ain’t going to be quite the same thing as what we are used to.
Back in the days all you needed was a poxy, a dummy scanner/spider just to lift of your back some of the repetitive and boring things, and your brain. You are pretty much settled. Today, you need to do things beyond that. Web technologies are just starting to show their ugly face and we are here to see/experience them for the first time. [...]
I don’t want to brag about it but this project was slashed in 5 minutes and this is not due to some amazing tech wizardy. It is mainly due to the powerful Java development platform and the tones of development information resources, Java coders have on their hands. I just made use of them. This morning I had some thoughts around the Metasploit and w3af projects and how the GNUCITIZEN team can contribute some modules to make both of them even more powerful. [...]
test your web apps with websecurify application security testing runtime