subgraph
[Feature Request] Source Code Scanning
I'm not sure if anyone else is interested in this, but I think so sort of "dual scan" would be awesome, where in addition to the normal blackbox type of scan one can select a path to the source code of the application scanned and where Vega would assign the vulnerabilities it finds through the blackbox scan to the according parts of the source code and also scan the souce code itself as a second way to detect issues. This is probably a bit more advanced and not where the developers see Vega going, but I thought it's still worth suggesting. Very good tool by the way and I'm looking forward to the new version, thank you for your hard work.
We talked about doing this a long time ago, and there is even some code somewhere for doing PHP static analysis that @brl wrote. Perhaps one day. Thanks for the feedback.
