Scanner produces too many false positive

trustedsec / cve-2019-19781

This is a tool published for the Citrix ADC (NetScaler) vulnerability. We are only disclosing this due to others publishing the exploit code first.

Other

570 stars 127 forks source link

Scanner produces too many false positive #22

Closed PakanAngel closed 4 years ago

PakanAngel commented 4 years ago

The scanner produces too many false positives. The scanner does not even check the server's response code returned. It just checks some patterns in server's response contents.

trustedsec commented 4 years ago

This isn’t accurate it checks response codes and as a fall back the response for server. Works great on everything that has been scanned including a large percentage of the internet.