[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Fuzzing testing webapp?

To: webappsec@xxxxxxxxxxxxxxxxx, pen-test@xxxxxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Fuzzing testing webapp?
From: Mark Sec <mark.sec@xxxxxxxxx>
Date: Sun, 11 Dec 2005 08:25:05 -0800

Alo,

Well , im looking a tool, tricks or fuzzing to perform a tesging over
webapp.

I remember a script that found bugs like traversal directory, input
validation, buffer overflows, malformed characters ...

e.g:

I want to do something like this with a script, tool etc, (Looking fuzzing
directory traversal )

http://target/any.asp?data=.../.../.../ <-

where the variable "data="  <-- this  i want to test to found some bugs

e.g 2 (Looking a bugs over variables)

http://target/cgi-bin/any.cgi?data=var1&var2&;

where the variable "varq1" and "var2" <- this i want to test to found some
bugs


does anyone have scripts, tools or tricks to perform a testing variables,
cgis, asp, jsp , whatever ?

Mark :-)
CISSP

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Fuzzing testing webapp?
  - From: Thierry Zoller
- Re: [Full-disclosure] Fuzzing testing webapp?
  - From: Morning Wood

Prev by Date: Re: [Full-disclosure] McAfee VirusScan vs Metasploit Framework v2.x
Next by Date: [Full-disclosure] Re: [KAPDA::#16] - SMF SQL Injection
Previous by thread: [Full-disclosure] Re: [DCG] DEFCON London group - DC4420 - inaugural meeting and Christmas Drinks!
Next by thread: Re: [Full-disclosure] Fuzzing testing webapp?
Index(es):
- Date
- Thread