Well at jut over 9.5% i don't quite see it winning but do what you feel you want to do .

i am confused between two of these
1. Security Scanner
2. Vulnerabilities Source Code Analyser
umm... can be either of these

What would you like the team to create? Let's have your input here. Poll will end next friday.


Thank you for your time.
Shaun.

i choose other...maybe it's immpossible but would be nice for a GUI compiler for c and/or others...

many of ppl here getting problems compiling stuff

well this is my sort of interest..so i voted

Vulnerabilities Source Code Analyser

I voted for Vulnerabilities Source Code Analyser too.

Would be useful for me at any rate... more than the others.

lol, re-inventing the wheel...

i reall y like the idea of the Source Code Analyser but i think its a little over my coding skills and i would not know where to start but i'll help any way i can

I would have voted Vulnerabilities Source Code (without Analayzer ), Didnt you say shaun you'd try and see whats the demand for xploits ?
I'm pretty confident this is the only thing myself (and many others) will have use of, but not only for whooping boxes, yet also helping others understand how exploits work and how to write them. I'm sure not few coders could use such examples, and ask questions directly.
But eventually, since you are complaining that most of the masses will use it for defacing boxes, I can just say that most of whats talked about in governmentsecurity forums is defacement of sites, tools for defacement, autorooters, new exploits and so on. not to mention - giving a public stage for defacing experiences, and compiled working exploit codes. So you're not quite "off the responsibility" on this one. You do help the kids deface, whether you like it or not. I, however, personally don't have any objection to this act, since those companies who make the programs, Micro$oft at particular, will never do enough to improve their products' security otherwise. they just won't learn, and customers who get hit might try alternatives, which will also affect those companies who release buggy products, to improve. and fact is, as much as i believe in the microsoft-u.s. government infamous conspiracy, they have got security standards much higher then how it was few years ago (yet still not good enough).

just my 2cents...

those are 2 pretty pennies...

i'm with tte

I vote for the "Security Scanner", but the "Vulnerabilities Source Code Analyser " is intressting too

Yeap, sorry, you're right, exploit code does help people to learn. I'm sorry.

www.securityfocus.com
www.packetstormsecurity.org

Enjoy.


But on a serious note, I will edit the poll and add "exploits", and if exploit codes win, we'll write exploits for newly discovered vulnerabilities. If that's what you want, it's what you'll get. Don't come whinging to us when you realise that exploits really aren't so exciting...

Heh, I would quite like to write a firewall. Maybe we could do multiple stuff...


Thank you for your time.
Shaun.

i think that a code analyser would be the best...
that's what we don't have...
i don't understand what it will be able to do but i think it will be great...
also, for guys that post a scanner or are going to post for scanner request, i must tell them to think about this again...
cause scanners are everywhere out...
they can google for them...

Well I'm in for the Firewall. Maybe u guys can think of something different .... I"ll try to thin kover it and do some research ....

P.S: I'm a white hatter

Looks like source code analyser is winning so far. Keep those votes coming, whoever hasn't voted yet.
By the way, I haven't voted, I submitted a null vote to keep it as fair as possible.


-Shaun.

i want to join GSO team ..... msg me

Uhmmmm... didnt vote yet, but i´d like to see something like this http://www.thc.org/thc-rut/

Coz there are a lot more Firewalls and all the other stuff u suggested out there than smth like that (yes i know of P0f)

yeap i agree, exploit code does help people to learn. Let's work on the analyzer

I'd also like to remind people of the zero tolerance to DDoS bots and virii on this forum. While it may be suggested we'd have to work something out in the middle ground.

Oh, sorry, would you like me to remove the option?


-Shaun.

I have not decided yet.

But I think, It would be so helpfull if every one that would work here have a good view of those things. For example Source Code Analyser,

There are some same projects started before, e.g. Flawfinder RATS ITS4 PScan.

Poll ended.


The winner is: Vulnerabilities source code analyser, with 23 votes. Vulnerabilities source code analyser came close after with 21 votes. If we for some reason don't create a source code analyser, we'll write some exploits for newly discovered vulnerabilities.

Does anybody have anything to add? Objections? Ideas?


-Shaun.

All i have to say is ...

"Gogogogogogogogogogogo."

Lets get this thing organised.

best of luck to all involved

as OneNight said.

Letme know when it's done....

need a new toy.

Wkd.

Enjoy your day.

I voted vulnerabilities Source Code Analyser

cheers