angler-fishThe Vulnerability History Project

Not Auto Discoverable

Is it plausible that a fully automated tool could have discovered this? These are tools that require little knowledge of the domain, e.g. automatic static analysis, compiler warnings, fuzzers. Examples for true answers: SQL injection, XSS, buffer overflow Examples for false: RFC violations, permissions issues, anything that requires the tool to be "aware" of the project's domain-specific requirements.


    There are no articles here... yet