Comments (5)
π
Andres @ Android
El mar 28, 2015 1:14 p.m., "Slava" [email protected] escribiΓ³:
I suppose it will be useful if we add support for template variables in
such cases:The line
Arachni has flagged this not as a vulnerability, but as a ...
is converted to
{{SCANNER}} has flagged this not as a vulnerability, but as a ...
What do you think?
β
Reply to this email directly or view it on GitHub
#11.
from data.
While we code the template+generic stuff I just replaced "Arachni" with "The tool" in all files.
f3da384
from data.
I believe we should add more thinking to this issue before we act on it, adding the template variables might not be the best thing to do since it makes the SDKs more complex and the DB difficult to write.
We might simply ask the DB entries to be generic and that's it. Instead of FooTool was able to detect that sending request X generated Y error
we can have database entries with The tool was able to detect that sending request X generated Y error
, or even better so it can be used in an environment without tools: It was possible to detect that sending request X generated Y error
from data.
@m0sth8 , @Zapotek let me know what you guys think and I'll change the JSON files accordingly (manual changes are required, but I don't mind)
from data.
I think we should remove everything that follows Arachni
(or The tool
) from the descriptions as these things are relevant to the specific way the tool identified the issue, rather than data about the issue itself.
Tools can append that stuff to the descriptions if they so choose and provide much better context too.
Just my 2c.
from data.
Related Issues (20)
- Add new vulnerabilities to database HOT 1
- Add new vulnerabilities to database (must-have)
- Write unittest to verify all JSON files comply with schema.json
- Write unittests required by specification HOT 2
- Avoid duplicated fix guidance HOT 6
- nmap might be interested in using vulndb/data
- Broad/Descriptive Tags On Entries HOT 6
- Remove Arachni-specific tags
- Markdown: 1- vs 1. HOT 1
- Translate database in russian HOT 7
- Add WASC references to existing vulnerabilities in DB
- Add field to describe who is affected by vulnerability HOT 1
- Add CVSS HOT 5
- Move markdown out of JSON files HOT 5
- cwe IDs HOT 3
- Add reference to CWE/SANS Top 25 (2011) HOT 5
- php sdk HOT 10
- Move WASC TC v2 URLs to vulndb/data HOT 3
- Remove duplicated CWE data HOT 2
- Is this project still alive? HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from data.