software to find bugs before hackers

This summer, i'm getting a lot of problems with the scripts my users host, normally *nukes, egallerys, etc.

I have all the normal configuration about security, tmp nonexec, non wget command, firewall, DOS detection, etc. but the problem still happening, i can't control all the users upload on the servers.

Today i was thinking about which software uses hackers to find old scripts to exploite them, i found something like metasploit (very complete) and some more commercial, like GFI LANguard.

What i want to do it's to find bugs begofe hackers, and i think that the only solutions it's to learn about how they do.

any ideas? anyone do that? wich software do you use?

thanks for your comments.

 

 

 

 

Top