[ad] This is a pretty interesting development from Google and also seems to be coming much more common now, companies openly offering payments for bugs/vulnerabilities discovered in their software. It’s a chance for the white-hat guys to earn a few bucks, but honestly I don’t think it’s going to change anything. Especially not when we’re […]
Search Results for: fuzzing
Twitter Hack Spreads P*rn Trojan
[ad] I had a spam tweet appear in my stream a while back and like Guy Kawasaki I also had absolutely no idea where it came from. Perhaps some kinda XSS flaw in Twitter when I visited a site that spawned the message (in a hidden iframe perhaps). It wouldn’t be the first time Twitter […]
Webshag 1.10 Released – Free Web Server Audit Tool
[ad] Webshag is a multi-threaded, multi-platform web server audit tool. Written in Python, it gathers commonly useful functionalities for web server auditing like website crawling, URL scanning or file fuzzing. You may remember back in March 2008 we published about Webshag 1.00 being released. Now Webshag 1.10 has been released! This new version provides several […]
fzem – MUA (Mail User Agent) / Mail Client Fuzzer
[ad] fzem is a MUA (mail user agent) fuzzer that fuzzes MAIL/MIME email headers as well as how clients handle SMTP, POP and IMAP responses. Purpose fzem’s purpose is to fuzz MUAs as they process email content and handle server reponses. How does it work? fzem has the three main mail protocols implemented as well […]
Tmin – Test Case Optimizer for Automated Security Testing
[ad] Tmin is a simple utility meant to make it easy to narrow down complex test cases produced through fuzzing. It is closely related to another tool of this type, delta, but meant specifically for unknown, underspecified, or hard to parse data formats (without the need to tokenize and re-serialize data), and for easy integration […]