[OWASP-Bangalore] OWASP-Bangalore Digest, Vol 86, Issue 3

A.K. Sharma amitsharma2009 at gmail.com
Tue Mar 24 05:18:34 UTC 2015


Hello Srihari,

There are a lot of tools available in the market. But the requirement you
are quoting are two different ones.

One I think is the tool which identifies the total number of software which
are installed on your server, may it be Linux or Windows.

The second one is finding out if there are issues with respect to the
vulnerabilities in the third party libraries which are there in your
systems or server.

I have used a couple of them for your second requirement and have found
promising results.

http://www.codenomicon.com/products/appcheck/ is one good one.

I think the website speaks it all but if you are looking for specific
information let me know either here on this forum or on my personal email
ID ...


Regards,
AMIT

On Mon, Mar 23, 2015 at 5:30 PM, <owasp-bangalore-request at lists.owasp.org>
wrote:

> Send OWASP-Bangalore mailing list submissions to
>         owasp-bangalore at lists.owasp.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         https://lists.owasp.org/mailman/listinfo/owasp-bangalore
> or, via email, send a message with subject or body 'help' to
>         owasp-bangalore-request at lists.owasp.org
>
> You can reach the person managing the list at
>         owasp-bangalore-owner at lists.owasp.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of OWASP-Bangalore digest..."
>
>
> Today's Topics:
>
>    1. Software identification/inventory tool (Srihari_M at dell.com)
>    2. Getting Started with HTTP2 (Akash Mahajan)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Thu, 22 Jan 2015 09:21:08 +0000
> From: <Srihari_M at dell.com>
> To: <Srihari_M at dell.com>
> Subject: [OWASP-Bangalore] Software identification/inventory tool
> Message-ID:
>         <
> F74EBD5768396745BA22C4126E93910D03542F at AUSX10HMPS306.AMER.DELL.COM>
> Content-Type: text/plain; charset="us-ascii"
>
> Team, I am looking for help and I thought this is the forum to reach out
> for more insight.
>
> I googled and found few tools mostly commercial, Has anyone used any tool
> (Open source / commercial) to identify list of software on a given platform?
>
> Is there any tool that can help detect the following in windows and Linux
> platforms?
>
>
> a.      List of software
>
> b.      3rd party libraries
>
> c.      Open source
>
> Also, Do any of the open source tools have the ability to identify
> vulnerabilities on the listed Open source etc.
>
> I am working on a program to revamp our Secure SDLC and this is one of my
> critical focus for this year. Any info on the same, will be really helpful.
> Thanks to you all.
>
> Thank you.
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> http://lists.owasp.org/pipermail/owasp-bangalore/attachments/20150122/4c330fa9/attachment-0001.html
> >
>
> ------------------------------
>
> Message: 2
> Date: Mon, 23 Mar 2015 08:54:04 -0000
> From: Akash Mahajan <akashmahajan at gmail.com>
> To: "null-co-in at googlegroups.com" <null-co-in at googlegroups.com>,
>         "owasp-bangalore at lists.owasp.org" <owasp-bangalore at lists.owasp.org
> >
> Subject: [OWASP-Bangalore] Getting Started with HTTP2
> Message-ID: <20150323065406.30701.51190 at domU-12-31-39-0A-A0-4F>
> Content-Type: text/plain; charset="utf-8"
>
> Hey Folks,
>
> Updated the session page with presentation and link.
>
> http://swachalit.null.co.in/event_sessions/294-getting-started-with-http2
>
> The direct link is https://github.com/theappseclab/http2-getstarted
>
> In the Readme.md file you will find a link to the vagran box file as well
>
> Please feel free to send me feedback (positive, negatie, neutral) etc.
>
> Thank you.
>
> --
> Warm regards,
> Akash Mahajan
>
> *That Web Application Security Guy* | +91 99 805 271 82
> akashm.com | *@makash* on twitter | linkd.in/webappsecguy
> *OWASP Bangalore Chapter Lead | null Community Manager*
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> http://lists.owasp.org/pipermail/owasp-bangalore/attachments/20150323/cbbad7b7/attachment-0001.html
> >
>
> ------------------------------
>
> _______________________________________________
> OWASP-Bangalore mailing list
> OWASP-Bangalore at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-bangalore
> Twitter : @owaspbangalore
>
>
> End of OWASP-Bangalore Digest, Vol 86, Issue 3
> **********************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-bangalore/attachments/20150324/b9cad439/attachment.html>


More information about the OWASP-Bangalore mailing list