[Full-disclosure] Flex website scanners
Any good flex website application scanners? Most of the free automated web application scanners like paros, nikto, etc do not look at flex/ flash web pages. We are looking at a website and need some basic automated scanning tool to cover the flex/ flash part Thanks ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Flex website scanners
Check out SWFScan. It does what a scanner is supposed to do, which is find low-hanging vulnerabilities. The tool does a pretty good job at decompiling for the most part, but you still really need to do manual analysis on the code!! You should never rely on ANY scanner to do 100% of your analysis. Link- https://h30406.www3.hp.com/campaigns/2009/wwcampaign/1-5TUVE/index.php?key=swf -Jack Mannino ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
