[Twisted-Python] Trying out Detectify on twistedmatrix.com
Ying Li
cyli at twistedmatrix.com
Wed Feb 15 00:13:38 MST 2017
Hey all,
I recently heard about https://detectify.com/ <https://detectify.com/> , which is a service which does automatic pen testing, scanning for OWASP top 10 vulnerabilities (https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project <https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project>).
I thought this would be a useful thing to try to run against https://twistedmatrix.com. They offer non-commercial accounts, and have approved us for a non-commercial account should we want to run automated scans.
I’m going to try running the scan once tonight (post midnight PST), or alternately tomorrow (again post midnight PST) if tonight goes wrong.
Any vulnerabilities discovered will be shared with twisted admins only.
Just wanted to warn everyone in case alerts start going off or if it happens to knock anything over (which is unlikely, but just in case Glyph has volunteered to look into it if it happens).
Thanks!
-Ying
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://twistedmatrix.com/pipermail/twisted-python/attachments/20170214/df0d7c02/attachment.html>
More information about the Twisted-Python
mailing list