Slashdot Mirror

← Back to Stories (view on slashdot.org)

OWASP's VulnXML Database

Posted by michael on from the autocracker dept.

Ingo Struck writes "The Open Web Application Security Project released the VulnXML db for early access to the public. VulnXML is a description of static known vulnerabilities. It provides all necessary information to let an execution engine automatically craft and launch appropriate HTTP, SOAP or WebDAV requests and analyse the response whether the attack had success. Besides it provides some human readable classification of the described vulnerability. A tool to execute VulnXML records is currently being developed and will help developers to check their web applications against a suite of well-known vulnerabilities described in a portable format."

3 of 68 comments (clear)

  1. All right! by Fly+Ricky+-+The+Wine · · Score: 5, Funny

    Just in time for July 6th!

  2. Wow by Saint+Aardvark · · Score: 3, Funny
    A tool to execute VulnXML records is currently being developed

    Now that's security by obscurity! <rimshot />

    Thank you, ladies and germs, I'll be here all week.

    --
    Carousel is a lie!
  3. Re:well... by Anonymous Coward · · Score: 3, Funny

    Why not, we've already replaced advanced virus delivery systems with stupid users who would even be willing to open sexy-fun-i-am-not-a-virus-honest.exe