Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
Can I trust this script from github?
Message
<blockquote data-quote="ForgottenSeer 103564" data-source="post: 1066249"><p>I understand what you are saying, between what consists of false positives with detection of behavior to tools being inert and capable of being used for good or bad depending on the users intentions. Nmap NSE for example, has many tools/scripts that can be used for good or bad, the tool just sitting there is inert as stated, until intentions come along. Does this mean it should be flagged as bad, well that's subjective.</p><p></p><p>Users with little to no knowledge or experience wanting to use such tools, needing/wanting to know if it is safe. Well generally rule of thumb is, if you have to ask, you probably shouldn't mess with it. Since many take offense to this now days, my default action is to tell them to scan it and see. I can tell them you probably shouldn't mess with that, and then other users will tell them it's harmless and they will go bork their system.</p><p></p><p>So that pretty much sums up my response above, as anything past that gets messy quickly.</p><p></p><p>I have no experience with your script, nor have I ever looked at it, so I could not state anything about it and or you, other then your response here was level headed and agreeable, you presented your side in a way I understand and won't deny. That in its self, speaks volumes.</p></blockquote><p></p>
[QUOTE="ForgottenSeer 103564, post: 1066249"] I understand what you are saying, between what consists of false positives with detection of behavior to tools being inert and capable of being used for good or bad depending on the users intentions. Nmap NSE for example, has many tools/scripts that can be used for good or bad, the tool just sitting there is inert as stated, until intentions come along. Does this mean it should be flagged as bad, well that's subjective. Users with little to no knowledge or experience wanting to use such tools, needing/wanting to know if it is safe. Well generally rule of thumb is, if you have to ask, you probably shouldn't mess with it. Since many take offense to this now days, my default action is to tell them to scan it and see. I can tell them you probably shouldn't mess with that, and then other users will tell them it's harmless and they will go bork their system. So that pretty much sums up my response above, as anything past that gets messy quickly. I have no experience with your script, nor have I ever looked at it, so I could not state anything about it and or you, other then your response here was level headed and agreeable, you presented your side in a way I understand and won't deny. That in its self, speaks volumes. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
