Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Parameter fuzzing and forced browsing

from [indianwhitehathacker] Network Security [Permanent Link]
Subject: Parameter fuzzing and forced browsing
Date: 9 Aug 2006 14:26:59 -0000 
I was going through the OWASP Top Ten Guide and I came across these terms:-

1. Parameter fuzzing
2. Forced browsing

What are these? Is forced browsing something like an attempt to access a 
resource that I am not supposed to access by putting the direct link with the 
necessary parameter values in a hope that may be in that page the 
authentication is broken?

Also, I read about fuzzers. Can someone throw light on what are fuzzers?

-------------------------------------------------------------------------
Sponsored by: Watchfire

Watchfire was recently named the worldwide market leader in Web 
application security assessment tools by both Gartner and IDC. 
Download a free trial of AppScan today and see why more customers choose 
AppScan then any other solution. Try it today!
  
https://www.watchfire.com/securearea/appscancamp.aspx?id=701500000008VnB
--------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Environment for testing WebApp Security Scanners, c0redump
Next by Date:  Ruby On Rails 1.1.5 Released to Address Critical Vulnerability, bugtraq
Previous by Thread:  [Full-disclosure] more on browser trust, pdp (architect)
Next by Thread:  Re: Parameter fuzzing and forced browsing, mikeiscool
Indexes:  [Date] [Thread] [Top] [All Lists]