I have a pilot program in place using SPI Dynamics' WebInspect (WI) product to scan my environment for possible SQL Injection in web applications. I have run across the following paper: http://www.tenablesecurity.com/white_papers/sec_test_light_newt_nessus1.pdf, which suggests Nessus may be able to detect SQL and XSS vulnerabilities. The paper is dated Jan 2, 2004, so it is relatively new.

I followed the suggestions of this paper to run a head-to-head test against WI. There exists a website to test against, http://endo.webappsecurity.com. I discovered that WI found 2 SQL Injection vulnerabilities whereas Nessus found none. Nessus did discover the CVS directory and expanded the root tree. One thing I thought might be happening is that the website to test against is owned by SPI and they have programmed it to watch for Nessus scans to force false negatives.

Is there anyone successfully using sql_injection.nasl and torturecgis.nasl to discover SQL or XSS vulnerabilities? I would be interested in either an offline or online discussion.

Thank you,
Drew Flickema
