A pointer to a pointer (no, this isn't C)
by pat eyler
Oedipus takes a multi-phased approach. First, it does a logfile analysis looking for potential vulnerabilities, creating a specially formatted oedipus output file. Second, it processes the oedipus file, using security plugins to identify a variety of security problems. Third, Oedipus creates an HTML report for the tester. Fourth, it provides a mechanism for running additional tools based on the results of the security scan (note, though, that these tools haven't been written yet).
While Oedipus is listed as being alpha (and is in fairly early development), it looks like it's maturing quickly. Thanks, Justin, for pointing it out.
If people are interested in this topic, and have a particular security bent, feel free to contribute plugins or patches.