Tag Archives | lcamtuf




american fuzzy lop – Security Oriented Fuzzing Tool

American fuzzy lop is a security-oriented fuzzing tool that employs a novel type of compile-time instrumentation and genetic algorithms to automatically discover clean, interesting test cases that trigger new internal states in the targeted binary. This substantially improves the functional coverage for the fuzzed code. The compact synthesized corpora produced by the tool are also […]

Tags: , , , , , , , , ,

Posted in: Hacking Tools, Programming | Add a Comment

cross_fuzz – A Cross-Document DOM Binding Fuzzer

cross_fuzz is an amazingly effective but notoriously annoying cross-document DOM binding fuzzer that helped identify about one hundred bugs in all browsers on the market – many of said bugs exploitable – and it is still finding more. The fuzzer owes much of its efficiency to dynamically generating extremely long-winding sequences of DOM operations across […]

Tags: , , , , , , , , , , ,

Posted in: Hacking Tools, Programming | Add a Comment

Internet Explorer Zero-Day Accidentally Leaked To Chinese Hackers

First up, happy new year – let’s hope 2011 is an interesting year for the infosec community. Anyway today’s story is about the recently released tool cross_fuzz by Michal Zalewski and an inadvertent leak that have occurred. tl;dr version is something like this: Michal Zalewski writes a DOM fuzzer, fuzzes IE, finds flaws, Chinese dudes […]

Tags: , , , , , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Windows Hacking | Add a Comment

Stompy – The Web Application Session Analyzer Tool

A new tool dealing with web sessions was recently announced, it’s called stompy, a free tool to perform a fairly detailed black-box assessment of WWW session identifier generation algorithms. Session IDs are commonly used to track authenticated users, and as such, whenever they’re predictable or simply vulnerable to brute-force attacks, we do have a problem. […]

Tags: , , , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment

Popular Tags

computer-security · darknet · Database Hacking · exploits · fuzzing · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · XSS ·