Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Looking for a fuzzer/source code analyzer on customer developed code

from [Gadi Evron] Network Security [Permanent Link]
Subject: RE: Looking for a fuzzer/source code analyzer on customer developed code
Date: Tue, 18 Mar 2008 14:49:54 -0500 (CDT)
On Tue, 18 Mar 2008, Joxean Koret wrote: 
There are many fuzzers but the most powerfull are
SPIKE and Sulley. Both of them are Open Source but
SPIKE is quite old (as the latest version is only
distributed to paying customers).

If you are looking for open source, there are two routes to go.
1. Specific fuzzer: built from the engine up to fuzz one service or protocol.
2. Frame-work (my preference is Peach)

A google search should be good enough, e.g. SMTP fuzzer or SMTP fuzzing.
Really.

If you want something specific and still didn't find it, try asking on the fuzzing mailing list:
http://www.whitestar.linuxbox.org/mailman/listinfo/fuzzing

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: anonymous Zonetransfer (AXFR) exploatation, Dave Howe
Next by Date:  Re: anonymous Zonetransfer (AXFR) exploatation, Jamie Riden
Previous by Thread:  RE: Looking for a fuzzer/source code analyzer on customer developed code, Joxean Koret
Next by Thread:  Session Hijacking over HTTP, 11ack3r
Indexes:  [Date] [Thread] [Top] [All Lists]