posted on Tuesday, February 10, 2004 8:09 PM
by
stefandemetz
Thorny issue: To release or not to release Audit/Security/Hacking tool ?
I' ve coded up a tool to audit a web site for script injection checking following things:
- Input on form
- Querystring
- URL(I know, URLSCAN partially does it)
- CSS : cross site script injection
- SQL injection tring to change SP, launch extended SP (send mail), grant user rights, delete stuff
Now I am undecided if I should release it without being another John Lam