Full Disclosure mailing list archives

Fuzzing testing webapp?

From: Mark Sec <mark.sec () gmail com>
Date: Sun, 11 Dec 2005 08:25:05 -0800

Alo,

Well , im looking a tool, tricks or fuzzing to perform a tesging over
webapp.

I remember a script that found bugs like traversal directory, input
validation, buffer overflows, malformed characters ...

e.g:

I want to do something like this with a script, tool etc, (Looking fuzzing
directory traversal )

http://target/any.asp?data=.../.../.../ <-

where the variable "data="  <-- this  i want to test to found some bugs

e.g 2 (Looking a bugs over variables)

http://target/cgi-bin/any.cgi?data=var1&var2&;

where the variable "varq1" and "var2" <- this i want to test to found some
bugs


does anyone have scripts, tools or tricks to perform a testing variables,
cgis, asp, jsp , whatever ?

Mark :-)
CISSP

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Fuzzing testing webapp? Mark Sec (Dec 11)
- Re: Fuzzing testing webapp? Thierry Zoller (Dec 11)
- Re: Fuzzing testing webapp? Morning Wood (Dec 11)