10109 at live
Mar 9, 2009, 7:47 AM
Extending the generic web application vulnerability checks
I am currently investigating the possibilities of Nessus with regards to testing web applications on generic vulnerabilities. My goal is to extend Nessus with additional generic web application vulnerability checks.
Currently I have only found two plug-ins (torturecgis.nasl and sql_injection.nasl) which check a web application for XSS, SQL injection, OS commanding and Path traversal.
As the torturecgis.nasl script already states, it's far from complete. The sql_injection.nasl script is more mature.
I have the following questions:
1. Are there more generic web application vulnerability checks that I missed?
2. What is the development roadmap for these kind of checks?
3. Are new generic plug-ins currently being in development?
4. Are there plans to extend torturecgis.nasl?
5. Why isn't there a good set of plug-ins for these kind of checks?
In comparison with other (generic) web application vulnerability scanners, there is a lot of improvement to achieve.
Drag n’ drop—Get easy photo sharing with Windows Live™ Photos.