Hi, 
Guest
Pic
Sign In

websecurity@lists.webappsec.org

The Web Security Mailing List

View all threads

Announcement: DefenseCode ThunderScan v1.1 - Web Application Source Code Security Analysis

D
DefenseCode
Thu, Oct 11, 2012 6:01 PM

Hi,

We are proud to present you a new product for comprehensive Web
Application Security Scanning.
DefenseCode ThunderScan v1.1 for Web Application Source Code Security
Analysis is available now.

Demo run against Mutillidae v1.3 can be seen here:
http://www.youtube.com/watch?v=dcml2stPYNM&hd=1

DefenseCode ThunderScan products are designed for comprehensive security
assessment of web application source code in
order to discover critical security vulnerabilities that hackers could
exploit to compromise web application security.

More information about the product is available here:
http://www.defensecode.com/subcategory/thunderscan-8

ThunderScan v1.1 supported languages:

  • ASP.Net C#
  • PHP
  • Java/JSP
  • VB.Net
  • Classic ASP

Thunderscan v1.1 will scan web applications for a wide range of security
vulnerabilities like:

  • SQL Injection
  • File Disclosure
  • Page Inclusion
  • Code Injection
  • Shell Command Execution
  • Cross Site Scripting
  • File Manipulation
  • Arbitrary File Upload
  • Dangerous Configuration Settings
  • Arbitrary Server Connection
  • XPATH Injection
  • LDAP Injection
  • HTTP Response Splitting
  • Information Leak
  • Mail Relay
  • Misc. Dangerous Functions
  • Dangerous File Extensions
  • And more

ThunderScan v1.1 New Features:

  • Tainted input flow track interactive analysis
  • Automated discovery of custom input functions
  • Improved custom functions analysis
  • Improved filter detection
  • Custom filtering functions detection
  • Improved large multiline code handling
  • Improved input tracking across multiple functions
  • Fixed bug in XML reporting
  • Improved Java and C# class detection
  • Improved Java and C# class analysis
  • Advanced PHP static inclusion algorithm
  • Improved PHP PEAR tracking functions base
  • Added Java JSON-RPC support

We are continuously working on improving our products and keeping them
up to date
so you can be sure that all the latest threats get detected.

Kind Regards

DefenseCode Team
ThunderScan - Scan your Web Application For Security Vulnerabilities
http://www.defensecode.com/subcategory/thunderscan-8

Hi, We are proud to present you a new product for comprehensive Web Application Security Scanning. DefenseCode ThunderScan v1.1 for Web Application Source Code Security Analysis is available now. Demo run against Mutillidae v1.3 can be seen here: http://www.youtube.com/watch?v=dcml2stPYNM&hd=1 DefenseCode ThunderScan products are designed for comprehensive security assessment of web application source code in order to discover critical security vulnerabilities that hackers could exploit to compromise web application security. More information about the product is available here: http://www.defensecode.com/subcategory/thunderscan-8 ThunderScan v1.1 supported languages: - ASP.Net C# - PHP - Java/JSP - VB.Net - Classic ASP Thunderscan v1.1 will scan web applications for a wide range of security vulnerabilities like: - SQL Injection - File Disclosure - Page Inclusion - Code Injection - Shell Command Execution - Cross Site Scripting - File Manipulation - Arbitrary File Upload - Dangerous Configuration Settings - Arbitrary Server Connection - XPATH Injection - LDAP Injection - HTTP Response Splitting - Information Leak - Mail Relay - Misc. Dangerous Functions - Dangerous File Extensions - And more ThunderScan v1.1 New Features: - Tainted input flow track interactive analysis - Automated discovery of custom input functions - Improved custom functions analysis - Improved filter detection - Custom filtering functions detection - Improved large multiline code handling - Improved input tracking across multiple functions - Fixed bug in XML reporting - Improved Java and C# class detection - Improved Java and C# class analysis - Advanced PHP static inclusion algorithm - Improved PHP PEAR tracking functions base - Added Java JSON-RPC support We are continuously working on improving our products and keeping them up to date so you can be sure that all the latest threats get detected. Kind Regards -- DefenseCode Team ThunderScan - Scan your Web Application For Security Vulnerabilities http://www.defensecode.com/subcategory/thunderscan-8
WJ
Will Jefferies
Fri, Oct 12, 2012 2:06 PM

Is there a demo that we can download for testing?  And can you combine licenses of say C# and Classic ASP into a single price, or do you have to order them separately?

From: websecurity [mailto:websecurity-bounces@lists.webappsec.org] On Behalf Of DefenseCode
Sent: Thursday, October 11, 2012 1:02 PM
To: websecurity@lists.webappsec.org; full-disclosure@lists.grok.org.uk; pen-test@lists.securityfocus.com
Subject: [WEB SECURITY] Announcement: DefenseCode ThunderScan v1.1 - Web Application Source Code Security Analysis

Hi,

We are proud to present you a new product for comprehensive Web Application Security Scanning.
DefenseCode ThunderScan v1.1 for Web Application Source Code Security Analysis is available now.

Demo run against Mutillidae v1.3 can be seen here:
http://www.youtube.com/watch?v=dcml2stPYNM&hd=1

DefenseCode ThunderScan products are designed for comprehensive security assessment of web application source code in
order to discover critical security vulnerabilities that hackers could exploit to compromise web application security.

More information about the product is available here:
http://www.defensecode.com/subcategory/thunderscan-8

ThunderScan v1.1 supported languages:

  • ASP.Net C#
  • PHP
  • Java/JSP
  • VB.Net
  • Classic ASP

Thunderscan v1.1 will scan web applications for a wide range of security vulnerabilities like:

  • SQL Injection
  • File Disclosure
  • Page Inclusion
  • Code Injection
  • Shell Command Execution
  • Cross Site Scripting
  • File Manipulation
  • Arbitrary File Upload
  • Dangerous Configuration Settings
  • Arbitrary Server Connection
  • XPATH Injection
  • LDAP Injection
  • HTTP Response Splitting
  • Information Leak
  • Mail Relay
  • Misc. Dangerous Functions
  • Dangerous File Extensions
  • And more

ThunderScan v1.1 New Features:

  • Tainted input flow track interactive analysis
  • Automated discovery of custom input functions
  • Improved custom functions analysis
  • Improved filter detection
  • Custom filtering functions detection
  • Improved large multiline code handling
  • Improved input tracking across multiple functions
  • Fixed bug in XML reporting
  • Improved Java and C# class detection
  • Improved Java and C# class analysis
  • Advanced PHP static inclusion algorithm
  • Improved PHP PEAR tracking functions base
  • Added Java JSON-RPC support

We are continuously working on improving our products and keeping them up to date
so you can be sure that all the latest threats get detected.

Kind Regards

DefenseCode Team
ThunderScan - Scan your Web Application For Security Vulnerabilities
http://www.defensecode.com/subcategory/thunderscan-8

Confidentiality Notice: This message is for the sole use of the intended recipient(s).  It may contain confidential or proprietary information and may be subject to the attorney-client privilege or other confidentiality protections. If this message was misdirected, neither FNC Holding Company, Inc. nor any of its subsidiaries waive any confidentiality, privilege, or trade secrets. If you are not a designated recipient, you may not review, print, copy, retransmit, disseminate, or otherwise use this message. If you have received this message in error, please notify the sender by reply e-mail and delete this message.

Is there a demo that we can download for testing? And can you combine licenses of say C# and Classic ASP into a single price, or do you have to order them separately? From: websecurity [mailto:websecurity-bounces@lists.webappsec.org] On Behalf Of DefenseCode Sent: Thursday, October 11, 2012 1:02 PM To: websecurity@lists.webappsec.org; full-disclosure@lists.grok.org.uk; pen-test@lists.securityfocus.com Subject: [WEB SECURITY] Announcement: DefenseCode ThunderScan v1.1 - Web Application Source Code Security Analysis Hi, We are proud to present you a new product for comprehensive Web Application Security Scanning. DefenseCode ThunderScan v1.1 for Web Application Source Code Security Analysis is available now. Demo run against Mutillidae v1.3 can be seen here: http://www.youtube.com/watch?v=dcml2stPYNM&hd=1 DefenseCode ThunderScan products are designed for comprehensive security assessment of web application source code in order to discover critical security vulnerabilities that hackers could exploit to compromise web application security. More information about the product is available here: http://www.defensecode.com/subcategory/thunderscan-8 ThunderScan v1.1 supported languages: - ASP.Net C# - PHP - Java/JSP - VB.Net - Classic ASP Thunderscan v1.1 will scan web applications for a wide range of security vulnerabilities like: - SQL Injection - File Disclosure - Page Inclusion - Code Injection - Shell Command Execution - Cross Site Scripting - File Manipulation - Arbitrary File Upload - Dangerous Configuration Settings - Arbitrary Server Connection - XPATH Injection - LDAP Injection - HTTP Response Splitting - Information Leak - Mail Relay - Misc. Dangerous Functions - Dangerous File Extensions - And more ThunderScan v1.1 New Features: - Tainted input flow track interactive analysis - Automated discovery of custom input functions - Improved custom functions analysis - Improved filter detection - Custom filtering functions detection - Improved large multiline code handling - Improved input tracking across multiple functions - Fixed bug in XML reporting - Improved Java and C# class detection - Improved Java and C# class analysis - Advanced PHP static inclusion algorithm - Improved PHP PEAR tracking functions base - Added Java JSON-RPC support We are continuously working on improving our products and keeping them up to date so you can be sure that all the latest threats get detected. Kind Regards -- DefenseCode Team ThunderScan - Scan your Web Application For Security Vulnerabilities http://www.defensecode.com/subcategory/thunderscan-8 Confidentiality Notice: This message is for the sole use of the intended recipient(s). It may contain confidential or proprietary information and may be subject to the attorney-client privilege or other confidentiality protections. If this message was misdirected, neither FNC Holding Company, Inc. nor any of its subsidiaries waive any confidentiality, privilege, or trade secrets. If you are not a designated recipient, you may not review, print, copy, retransmit, disseminate, or otherwise use this message. If you have received this message in error, please notify the sender by reply e-mail and delete this message.
BH
Banyan He
Fri, Oct 12, 2012 3:16 PM

I think there is nowhere on the website to download. Just a sample report.

Banyan He
Blog: http://www.rootong.com
Email: banyan@rootong.com

On 2012-10-12 10:06 PM, Will Jefferies wrote:

Is there a demo that we can download for testing?  And can you combine
licenses of say C# and Classic ASP into a single price, or do you have
to order them separately?

*From:*websecurity [mailto:websecurity-bounces@lists.webappsec.org]
*On Behalf Of *DefenseCode
Sent: Thursday, October 11, 2012 1:02 PM
To: websecurity@lists.webappsec.org;
full-disclosure@lists.grok.org.uk; pen-test@lists.securityfocus.com
Subject: [WEB SECURITY] Announcement: DefenseCode ThunderScan v1.1 -
Web Application Source Code Security Analysis

Hi,

We are proud to present you a new product for comprehensive Web
Application Security Scanning.
DefenseCode ThunderScan v1.1 for Web Application Source Code Security
Analysis is available now.

Demo run against Mutillidae v1.3 can be seen here:
http://www.youtube.com/watch?v=dcml2stPYNM&hd=1

DefenseCode ThunderScan products are designed for comprehensive
security assessment of web application source code in
order to discover critical security vulnerabilities that hackers could
exploit to compromise web application security.

More information about the product is available here:
http://www.defensecode.com/subcategory/thunderscan-8

ThunderScan v1.1 supported languages:

  • ASP.Net C#
  • PHP
  • Java/JSP
  • VB.Net
  • Classic ASP

Thunderscan v1.1 will scan web applications for a wide range of
security vulnerabilities like:

  • SQL Injection
  • File Disclosure
  • Page Inclusion
  • Code Injection
  • Shell Command Execution
  • Cross Site Scripting
  • File Manipulation
  • Arbitrary File Upload
  • Dangerous Configuration Settings
  • Arbitrary Server Connection
  • XPATH Injection
  • LDAP Injection
  • HTTP Response Splitting
  • Information Leak
  • Mail Relay
  • Misc. Dangerous Functions
  • Dangerous File Extensions
  • And more

ThunderScan v1.1 New Features:

  • Tainted input flow track interactive analysis
  • Automated discovery of custom input functions
  • Improved custom functions analysis
  • Improved filter detection
  • Custom filtering functions detection
  • Improved large multiline code handling
  • Improved input tracking across multiple functions
  • Fixed bug in XML reporting
  • Improved Java and C# class detection
  • Improved Java and C# class analysis
  • Advanced PHP static inclusion algorithm
  • Improved PHP PEAR tracking functions base
  • Added Java JSON-RPC support

We are continuously working on improving our products and keeping them
up to date
so you can be sure that all the latest threats get detected.

Kind Regards

DefenseCode Team
ThunderScan - Scan your Web Application For Security Vulnerabilities
http://www.defensecode.com/subcategory/thunderscan-8

Confidentiality Notice: This message is for the sole use of the
intended recipient(s).  It may contain confidential or proprietary
information and may be subject to the attorney-client privilege or
other confidentiality protections. If this message was misdirected,
neither FNC Holding Company, Inc. nor any of its subsidiaries waive
any confidentiality, privilege, or trade secrets. If you are not a
designated recipient, you may not review, print, copy, retransmit,
disseminate, or otherwise use this message. If you have received this
message in error, please notify the sender by reply e-mail and delete
this message.

I think there is nowhere on the website to download. Just a sample report. ------------ Banyan He Blog: http://www.rootong.com Email: banyan@rootong.com On 2012-10-12 10:06 PM, Will Jefferies wrote: > > Is there a demo that we can download for testing? And can you combine > licenses of say C# and Classic ASP into a single price, or do you have > to order them separately? > > *From:*websecurity [mailto:websecurity-bounces@lists.webappsec.org] > *On Behalf Of *DefenseCode > *Sent:* Thursday, October 11, 2012 1:02 PM > *To:* websecurity@lists.webappsec.org; > full-disclosure@lists.grok.org.uk; pen-test@lists.securityfocus.com > *Subject:* [WEB SECURITY] Announcement: DefenseCode ThunderScan v1.1 - > Web Application Source Code Security Analysis > > Hi, > > We are proud to present you a new product for comprehensive Web > Application Security Scanning. > DefenseCode ThunderScan v1.1 for Web Application Source Code Security > Analysis is available now. > > Demo run against Mutillidae v1.3 can be seen here: > http://www.youtube.com/watch?v=dcml2stPYNM&hd=1 > > DefenseCode ThunderScan products are designed for comprehensive > security assessment of web application source code in > order to discover critical security vulnerabilities that hackers could > exploit to compromise web application security. > > More information about the product is available here: > http://www.defensecode.com/subcategory/thunderscan-8 > > ThunderScan v1.1 supported languages: > - ASP.Net C# > - PHP > - Java/JSP > - VB.Net > - Classic ASP > > Thunderscan v1.1 will scan web applications for a wide range of > security vulnerabilities like: > - SQL Injection > - File Disclosure > - Page Inclusion > - Code Injection > - Shell Command Execution > - Cross Site Scripting > - File Manipulation > - Arbitrary File Upload > - Dangerous Configuration Settings > - Arbitrary Server Connection > - XPATH Injection > - LDAP Injection > - HTTP Response Splitting > - Information Leak > - Mail Relay > - Misc. Dangerous Functions > - Dangerous File Extensions > - And more > > > ThunderScan v1.1 New Features: > - Tainted input flow track interactive analysis > - Automated discovery of custom input functions > - Improved custom functions analysis > - Improved filter detection > - Custom filtering functions detection > - Improved large multiline code handling > - Improved input tracking across multiple functions > - Fixed bug in XML reporting > - Improved Java and C# class detection > - Improved Java and C# class analysis > - Advanced PHP static inclusion algorithm > - Improved PHP PEAR tracking functions base > - Added Java JSON-RPC support > > We are continuously working on improving our products and keeping them > up to date > so you can be sure that all the latest threats get detected. > > Kind Regards > -- > DefenseCode Team > ThunderScan - Scan your Web Application For Security Vulnerabilities > http://www.defensecode.com/subcategory/thunderscan-8 > > > Confidentiality Notice: This message is for the sole use of the > intended recipient(s). It may contain confidential or proprietary > information and may be subject to the attorney-client privilege or > other confidentiality protections. If this message was misdirected, > neither FNC Holding Company, Inc. nor any of its subsidiaries waive > any confidentiality, privilege, or trade secrets. If you are not a > designated recipient, you may not review, print, copy, retransmit, > disseminate, or otherwise use this message. If you have received this > message in error, please notify the sender by reply e-mail and delete > this message. >
Empathy v1.0   2024 ©Harmonylists.com