From mansourweb at gmail.com Sun Oct 7 14:38:12 2012 From: mansourweb at gmail.com (Mansour Ahmadi) Date: Sun, 7 Oct 2012 23:08:12 +0330 Subject: [Nikto-discuss] Help Nikto Message-ID: Dear Friends, I want to cluster OSVDB vulnerabilities with a novel algorithm. if I cluster the vulnerabilities, how it can help Nikto ? Is it useful or not ? Thank you so much -------------- next part -------------- An HTML attachment was scrubbed... URL: From csullo at gmail.com Fri Oct 12 20:09:19 2012 From: csullo at gmail.com (Sullo) Date: Fri, 12 Oct 2012 21:09:19 -0400 Subject: [Nikto-discuss] Help Nikto In-Reply-To: References: Message-ID: I'm not sure I follow what you mean about "clustering" them... could you explain a bit further? Thanks, Sullo On Sun, Oct 7, 2012 at 3:38 PM, Mansour Ahmadi wrote: > Dear Friends, > > I want to cluster OSVDB vulnerabilities with a novel algorithm. if I > cluster the vulnerabilities, how it can help Nikto ? Is it useful or not ? > > Thank you so much > > _______________________________________________ > Nikto-discuss mailing list > Nikto-discuss at attrition.org > https://attrition.org/mailman/listinfo/nikto-discuss > > -- http://www.cirt.net | http://richsec.com/ -------------- next part -------------- An HTML attachment was scrubbed... URL: From mansourweb at gmail.com Sat Oct 13 00:22:06 2012 From: mansourweb at gmail.com (Mansour Ahmadi) Date: Sat, 13 Oct 2012 08:52:06 +0330 Subject: [Nikto-discuss] Help Nikto In-Reply-To: References:

Message-ID: Dear Sullo, Thank you for your reply. I mean, I want to detect the lable (class or category) of a vulnerability automatically. for example, In OSVDB or CVE, If a new bug release, I predict what is the calss of it (SQL inj, XSS, ...). then, generate the exploit of it automatically. Do you think is it possible and useful ? Thanks a lot On Sat, Oct 13, 2012 at 4:39 AM, Sullo wrote: > I'm not sure I follow what you mean about "clustering" them... could you > explain a bit further? > > Thanks, > Sullo > > On Sun, Oct 7, 2012 at 3:38 PM, Mansour Ahmadi wrote: > >> Dear Friends, >> >> I want to cluster OSVDB vulnerabilities with a novel algorithm. if I >> cluster the vulnerabilities, how it can help Nikto ? Is it useful or not ? >> >> Thank you so much >> >> _______________________________________________ >> Nikto-discuss mailing list >> Nikto-discuss at attrition.org >> https://attrition.org/mailman/listinfo/nikto-discuss >> >> > > > -- > > http://www.cirt.net | http://richsec.com/ > -------------- next part -------------- An HTML attachment was scrubbed... URL: From mailforalexb at googlemail.com Sat Oct 13 11:50:10 2012 From: mailforalexb at googlemail.com (Alex Brook) Date: Sat, 13 Oct 2012 23:50:10 +0700 Subject: [Nikto-discuss] Fwd: Re: Help Nikto In-Reply-To: References:

Message-ID: ---------- Forwarded message ---------- From: "Alex Brook" Date: Oct 13, 2012 11:48 PM Subject: Re: [Nikto-discuss] Help Nikto To: "Mansour Ahmadi" Hi Mansour, How would you generate the exploit automatically? I think class of the exploit is simple enough but perhaps automatic generation of the exploit not so easy. Would there not be some variables? Alex. On Oct 13, 2012 12:22 PM, "Mansour Ahmadi" wrote: > Dear Sullo, > > Thank you for your reply. > > I mean, I want to detect the lable (class or category) of a > vulnerability automatically. for example, In OSVDB or CVE, If a new bug > release, I predict what is the calss of it (SQL inj, XSS, ...). then, > generate the exploit of it automatically. > > Do you think is it possible and useful ? > > Thanks a lot > > On Sat, Oct 13, 2012 at 4:39 AM, Sullo wrote: > >> I'm not sure I follow what you mean about "clustering" them... could you >> explain a bit further? >> >> Thanks, >> Sullo >> >> On Sun, Oct 7, 2012 at 3:38 PM, Mansour Ahmadi wrote: >> >>> Dear Friends, >>> >>> I want to cluster OSVDB vulnerabilities with a novel algorithm. if I >>> cluster the vulnerabilities, how it can help Nikto ? Is it useful or not ? >>> >>> Thank you so much >>> >>> _______________________________________________ >>> Nikto-discuss mailing list >>> Nikto-discuss at attrition.org >>> https://attrition.org/mailman/listinfo/nikto-discuss >>> >>> >> >> >> -- >> >> http://www.cirt.net | http://richsec.com/ >> > > > _______________________________________________ > Nikto-discuss mailing list > Nikto-discuss at attrition.org > https://attrition.org/mailman/listinfo/nikto-discuss > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From mansourweb at gmail.com Sat Oct 13 14:14:41 2012 From: mansourweb at gmail.com (Mansour Ahmadi) Date: Sat, 13 Oct 2012 22:44:41 +0330 Subject: [Nikto-discuss] Help Nikto In-Reply-To: References:

Message-ID: Dear Alex, Thank you for your reply. As you said, It is a two-step process. At the moment, I want to focus at the first step, Then I want to use AI to generate exploit somewhat. Now, I want to focus on the predicting of the class automatically. Before that I must cluster (Grouping) the vulnerabilities because : 1) There is *no standard* for different vulnerabilities databases. each vuln database has its own categories. 2) The *total number* of vulnerabilities is high each day ( the number of vulnerabilities reported in January 2012, amounts to 488). so it is a cumbersome task. 3) Working with words in AI applications has many challenges (finding *useful words* to help classification and clustering) Don't you agree with me that even the first step is useful and is not easy ? On Sat, Oct 13, 2012 at 8:18 PM, Alex Brook wrote: > Hi Mansour, > > How would you generate the exploit automatically? I think class of the > exploit is simple enough but perhaps automatic generation of the exploit > not so easy. Would there not be some variables? > > Alex. > On Oct 13, 2012 12:22 PM, "Mansour Ahmadi" wrote: > >> Dear Sullo, >> >> Thank you for your reply. >> >> I mean, I want to detect the lable (class or category) of a >> vulnerability automatically. for example, In OSVDB or CVE, If a new bug >> release, I predict what is the calss of it (SQL inj, XSS, ...). then, >> generate the exploit of it automatically. >> >> Do you think is it possible and useful ? >> >> Thanks a lot >> >> On Sat, Oct 13, 2012 at 4:39 AM, Sullo wrote: >> >>> I'm not sure I follow what you mean about "clustering" them... could you >>> explain a bit further? >>> >>> Thanks, >>> Sullo >>> >>> On Sun, Oct 7, 2012 at 3:38 PM, Mansour Ahmadi wrote: >>> >>>> Dear Friends, >>>> >>>> I want to cluster OSVDB vulnerabilities with a novel algorithm. if I >>>> cluster the vulnerabilities, how it can help Nikto ? Is it useful or not ? >>>> >>>> Thank you so much >>>> >>>> _______________________________________________ >>>> Nikto-discuss mailing list >>>> Nikto-discuss at attrition.org >>>> https://attrition.org/mailman/listinfo/nikto-discuss >>>> >>>> >>> >>> >>> -- >>> >>> http://www.cirt.net | http://richsec.com/ >>> >> >> >> _______________________________________________ >> Nikto-discuss mailing list >> Nikto-discuss at attrition.org >> https://attrition.org/mailman/listinfo/nikto-discuss >> >> -------------- next part -------------- An HTML attachment was scrubbed... URL: From FBreedijk at schubergphilis.com Sat Oct 13 16:02:11 2012 From: FBreedijk at schubergphilis.com (Frank Breedijk) Date: Sat, 13 Oct 2012 21:02:11 +0000 Subject: [Nikto-discuss] Help Nikto In-Reply-To: References:

, Message-ID: Mansour, In this case, why don't you start with the databases, if you publish link between ID (CVE/OSVDB id) and class and it is meaningful it shouldn't be hard for tool makers to tie it in. --- Sent from mobile, message may contain tyopos On 13 okt. 2012, at 21:15, "Mansour Ahmadi" > wrote: Dear Alex, Thank you for your reply. As you said, It is a two-step process. At the moment, I want to focus at the first step, Then I want to use AI to generate exploit somewhat. Now, I want to focus on the predicting of the class automatically. Before that I must cluster (Grouping) the vulnerabilities because : 1) There is no standard for different vulnerabilities databases. each vuln database has its own categories. 2) The total number of vulnerabilities is high each day ( the number of vulnerabilities reported in January 2012, amounts to 488). so it is a cumbersome task. 3) Working with words in AI applications has many challenges (finding useful words to help classification and clustering) Don't you agree with me that even the first step is useful and is not easy ? On Sat, Oct 13, 2012 at 8:18 PM, Alex Brook > wrote: Hi Mansour, How would you generate the exploit automatically? I think class of the exploit is simple enough but perhaps automatic generation of the exploit not so easy. Would there not be some variables? Alex. On Oct 13, 2012 12:22 PM, "Mansour Ahmadi" > wrote: Dear Sullo, Thank you for your reply. I mean, I want to detect the lable (class or category) of a vulnerability automatically. for example, In OSVDB or CVE, If a new bug release, I predict what is the calss of it (SQL inj, XSS, ...). then, generate the exploit of it automatically. Do you think is it possible and useful ? Thanks a lot On Sat, Oct 13, 2012 at 4:39 AM, Sullo > wrote: I'm not sure I follow what you mean about "clustering" them... could you explain a bit further? Thanks, Sullo On Sun, Oct 7, 2012 at 3:38 PM, Mansour Ahmadi > wrote: Dear Friends, I want to cluster OSVDB vulnerabilities with a novel algorithm. if I cluster the vulnerabilities, how it can help Nikto ? Is it useful or not ? Thank you so much _______________________________________________ Nikto-discuss mailing list Nikto-discuss at attrition.org https://attrition.org/mailman/listinfo/nikto-discuss -- http://www.cirt.net | http://richsec.com/ _______________________________________________ Nikto-discuss mailing list Nikto-discuss at attrition.org https://attrition.org/mailman/listinfo/nikto-discuss _______________________________________________ Nikto-discuss mailing list Nikto-discuss at attrition.org https://attrition.org/mailman/listinfo/nikto-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From jericho at attrition.org Sat Oct 13 17:20:51 2012 From: jericho at attrition.org (security curmudgeon) Date: Sat, 13 Oct 2012 17:20:51 -0500 (CDT) Subject: [Nikto-discuss] Help Nikto In-Reply-To: References:

Message-ID: On Sat, 13 Oct 2012, Mansour Ahmadi wrote: : 1) There is *no standard* for different vulnerabilities databases. each : vuln database has its own categories. The only 'standard' among most is the use of CVSS, which is a very crude classification system. Most VDBs do not use more than that, other than OSVDB. : 2) The *total number* of vulnerabilities is high each day ( the number of : vulnerabilities reported in January 2012, amounts to : 488). : so it is a cumbersome task. OSVDB has ~ 715 for January 2012. From mailforalexb at googlemail.com Sun Oct 14 09:10:35 2012 From: mailforalexb at googlemail.com (=?utf-8?B?bWFpbGZvcmFsZXhiQGdvb2dsZW1haWwuY29t?=) Date: Sun, 14 Oct 2012 21:10:35 +0700 Subject: [Nikto-discuss] =?utf-8?q?Help_Nikto?= Message-ID: <507ac7dc.85cc440a.5d18.62fa@mx.google.com> I think clustering the vulnerabilities shouldn't be too difficult. Of course the work involved depends on the granularity. Considering that you want to automatically generate exploits then yes this will be difficult and time consuming. Rather than full automation, I think it would save a lot of time and be more practical to cluster less specifically and provide some options to end user. One click exploits that ate up to date sounds too dreamy. Just my opinion though. I'm no professional. This is the first thread I've posted too and not really qualified through experience, only my thinking here. Alex. ----- Reply message ----- From: "Mansour Ahmadi" To: "Alex Brook" Cc: Subject: [Nikto-discuss] Help Nikto Date: Sun, Oct 14, 2012 2:14 AM Dear Alex,? Thank you for your reply.?As you said, It is a two-step process. At the moment, I want to focus at the first step, Then I want to use AI to generate exploit somewhat. Now, I want to focus on the predicting of the class automatically. Before that I must cluster (Grouping) the vulnerabilities because : 1) There is no standard for different vulnerabilities databases. each vuln database has its own categories. 2) The total number of vulnerabilities is high each day (?the number of vulnerabilities reported in January 2012, amounts to 488). so it is a cumbersome task. 3) Working with words in AI applications has many challenges (finding?useful words to help classification and clustering) Don't you agree with me that even the first step is useful and is not easy ?? On Sat, Oct 13, 2012 at 8:18 PM, Alex Brook wrote: Hi Mansour, How would you generate the exploit automatically? I think class of the exploit is simple enough but perhaps automatic generation of the exploit not so easy. Would there not be some variables? Alex. On Oct 13, 2012 12:22 PM, "Mansour Ahmadi" wrote: Dear Sullo, Thank you for your reply. I mean, I want to detect the lable (class or category) of a vulnerability?automatically.? for example, In OSVDB or CVE, If a new bug release, I predict what is the calss of it (SQL inj, XSS, ...). then, generate the exploit of it automatically. Do you think is it possible and useful ? Thanks a lot On Sat, Oct 13, 2012 at 4:39 AM, Sullo wrote: I'm not sure I follow what you mean about "clustering" them... could you explain a bit further? Thanks,Sullo On Sun, Oct 7, 2012 at 3:38 PM, Mansour Ahmadi wrote: Dear Friends, I want to cluster OSVDB vulnerabilities with a novel algorithm.?if I cluster the vulnerabilities, how it can help Nikto ? Is it useful or not ? Thank you so much _______________________________________________ Nikto-discuss mailing list Nikto-discuss at attrition.org https://attrition.org/mailman/listinfo/nikto-discuss -- http://www.cirt.net? ?? |? ? ? http://richsec.com/ _______________________________________________ Nikto-discuss mailing list Nikto-discuss at attrition.org https://attrition.org/mailman/listinfo/nikto-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From mansourweb at gmail.com Fri Oct 26 06:27:04 2012 From: mansourweb at gmail.com (Mansour Ahmadi) Date: Fri, 26 Oct 2012 14:57:04 +0330 Subject: [Nikto-discuss] Help Nikto In-Reply-To: <507ac7dc.85cc440a.5d18.62fa@mx.google.com> References: <507ac7dc.85cc440a.5d18.62fa@mx.google.com> Message-ID: Dear Friends, Thank you for your reply. I got many good points from your responses. Kind Regards, Mansour Ahmadi On Sun, Oct 14, 2012 at 5:40 PM, mailforalexb at googlemail.com < mailforalexb at googlemail.com> wrote: > I think clustering the vulnerabilities shouldn't be too difficult. Of > course the work involved depends on the granularity. Considering that you > want to automatically generate exploits then yes this will be difficult and > time consuming. > Rather than full automation, I think it would save a lot of time and be > more practical to cluster less specifically and provide some options to end > user. One click exploits that ate up to date sounds too dreamy. Just my > opinion though. I'm no professional. This is the first thread I've posted > too and not really qualified through experience, only my thinking here. > > Alex. > > > ----- Reply message ----- > From: "Mansour Ahmadi" > To: "Alex Brook" > Cc: > Subject: [Nikto-discuss] Help Nikto > Date: Sun, Oct 14, 2012 2:14 AM > > > Dear Alex, > > Thank you for your reply. > As you said, It is a two-step process. At the moment, I want to focus at > the first step, Then I want to use AI to generate exploit somewhat. > Now, I want to focus on the predicting of the class automatically. Before > that I must cluster (Grouping) the vulnerabilities because : > > 1) There is *no standard* for different vulnerabilities databases. each > vuln database has its own categories. > 2) The *total number* of vulnerabilities is high each day ( the number of > vulnerabilities reported in January 2012, amounts to 488). > so it is a cumbersome task. > 3) Working with words in AI applications has many challenges (finding *useful > words* to help classification and clustering) > > Don't you agree with me that even the first step is useful and is not easy > ? > > > On Sat, Oct 13, 2012 at 8:18 PM, Alex Brook wrote: > >> Hi Mansour, >> >> How would you generate the exploit automatically? I think class of the >> exploit is simple enough but perhaps automatic generation of the exploit >> not so easy. Would there not be some variables? >> >> Alex. >> On Oct 13, 2012 12:22 PM, "Mansour Ahmadi" wrote: >> >>> Dear Sullo, >>> >>> Thank you for your reply. >>> >>> I mean, I want to detect the lable (class or category) of a >>> vulnerability automatically. for example, In OSVDB or CVE, If a new bug >>> release, I predict what is the calss of it (SQL inj, XSS, ...). then, >>> generate the exploit of it automatically. >>> >>> Do you think is it possible and useful ? >>> >>> Thanks a lot >>> >>> On Sat, Oct 13, 2012 at 4:39 AM, Sullo wrote: >>> >>>> I'm not sure I follow what you mean about "clustering" them... could >>>> you explain a bit further? >>>> >>>> Thanks, >>>> Sullo >>>> >>>> On Sun, Oct 7, 2012 at 3:38 PM, Mansour Ahmadi wrote: >>>> >>>>> Dear Friends, >>>>> >>>>> I want to cluster OSVDB vulnerabilities with a novel algorithm. if I >>>>> cluster the vulnerabilities, how it can help Nikto ? Is it useful or not ? >>>>> >>>>> Thank you so much >>>>> >>>>> _______________________________________________ >>>>> Nikto-discuss mailing list >>>>> Nikto-discuss at attrition.org >>>>> https://attrition.org/mailman/listinfo/nikto-discuss >>>>> >>>>> >>>> >>>> >>>> -- >>>> >>>> http://www.cirt.net | http://richsec.com/ >>>> >>> >>> >>> _______________________________________________ >>> Nikto-discuss mailing list >>> Nikto-discuss at attrition.org >>> https://attrition.org/mailman/listinfo/nikto-discuss >>> >>> > -------------- next part -------------- An HTML attachment was scrubbed... URL: