[Owasp-leaders] Bring balance: force verification in scanning tools

Bev Corwin bev.corwin at owasp.org
Sun May 22 22:55:52 UTC 2016


So true. Achilles heel.

Bev

On Sun, May 22, 2016 at 12:56 AM, Kevin W. Wall <kevin.w.wall at gmail.com>
wrote:

>
> I think you've put your finger on it...open source and hacker
> modifications.
> (Frankly, that's even fairly easier to do with assembler code and closed
> source.) But given that it IS open source, a hacker would simply fork it
> on GitHub or BitBucket or wherever and just point fellow black hats at
> the modified source at some other URL.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20160522/8501a2ea/attachment.html>


More information about the OWASP-Leaders mailing list