Sent: Tuesday, February 27, 2007 12:06 AM
To: Secure Coding
Subject: [SC-L] Dark Reading - Desktop Security - Here Comes the (Web) Fuzz-
Security News Analysis
Here's an interesting article from Dark Reading about web fuzzers. Web
fuzzing seems to be gaining some traction these days as a popula
On Feb 27, 2007, at 4:54 AM, Michael Silk wrote:
unconvinced of what? what fuzzing is useful? or that it's the best
security testing method ever? or you remain unconvinced that fuzzing
in web apps is > fuzzing in os apps?
fuzzing has obvious advantages. that's all anyone should care about.
No,
On 2/27/07, Kenneth Van Wyk <[EMAIL PROTECTED]> wrote:
>
> Here's an interesting article from Dark Reading about web fuzzers. Web
> fuzzing seems to be gaining some traction these days as a popular means of
> testing web apps and web services.
>
> http://www.darkreading.com/document.asp?doc_id=118
07
To: Secure Coding
Subject:Re: [SC-L] Dark Reading - Desktop Security - Here Comes the
(Web)Fuzz - Security News Analysis
On Feb 27, 2007, at 3:33 AM, Steven M. Christey wrote:
> Given the complex manipulations that can work in XSS attacks (see
> RSnake's
> cheat sheet) a
On Feb 27, 2007, at 3:33 AM, Steven M. Christey wrote:
Given the complex manipulations that can work in XSS attacks (see
RSnake's
cheat sheet) as well as directory traversal, combined with the sheer
number of potential inputs in web applications, multipied by all the
variations in encodings, I
Here's an interesting article from Dark Reading about web fuzzers.
Web fuzzing seems to be gaining some traction these days as a popular
means of testing web apps and web services.
http://www.darkreading.com/document.asp?
doc_id=118162&f_src=darkreading_section_296
Any good/bad experience