Forgot your password?
typodupeerror
Security

Project Un1c0rn Wants To Be the Google For Lazy Security Flaws 43

Posted by Unknown Lamer
from the always-blame-wordpress dept.
Daniel_Stuckey (2647775) writes "Following broad security scares like that caused by the Heartbleed bug, it can be frustratingly difficult to find out if a site you use often still has gaping flaws. But a little known community of software developers is trying to change that, by creating a searchable, public index of websites with known security issues. Think of Project Un1c0rn as a Google for site security. Launched on May 15th, the site's creators say that so far it has indexed 59,000 websites and counting. The goal, according to its founders, is to document open leaks caused by the Heartbleed bug, as well as 'access to users' databases' in Mongo DB and MySQL. According to the developers, those three types of vulnerabilities are most widespread because they rely on commonly used tools. For example, Mongo databases are used by popular sites like LinkedIn, Expedia, and SourceForge, while MySQL powers applications such as WordPress, Drupal or Joomla, and are even used by Twitter, Google and Facebook."
This discussion has been archived. No new comments can be posted.

Project Un1c0rn Wants To Be the Google For Lazy Security Flaws

Comments Filter:
  • Almost useful (Score:3, Interesting)

    by Anonymous Coward on Wednesday June 11, 2014 @11:48AM (#47212885)

    Ok, you've got Google's list of everything, Un1c0rn's list of everything unsafe. What I want is the subset of Google's list that is not on Un1c0rn's list.

    Someone hack together that metasearch tool and I'll (anonymously) support you.

"In matters of principle, stand like a rock; in matters of taste, swim with the current." -- Thomas Jefferson

Working...