Hi, all! I plan to add a few small checks and improvements into audit.sslCertificate plugin. Among them:
* support of DNS alt names * checking for *soon* expired certificates So do you have any ideas what we also need to add to this plugin? One more question is why do we consider ssl errors as information and not as vulnerabilities? I suggest to raise severity of SSL errors to vuln object. -- Taras http://oxdef.info ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop
