<br>Hi,<br><br><div style="margin-left: 40px;">In case if I want to try this out, I would probably run this inside a VM. Has anyone really tried this? If yes please explain.<br><br></div>Regards<br><b>Rajiv</b><br>Security Consultant<br>
<br><br><div class="gmail_quote">On Sat, Sep 12, 2009 at 9:30 PM,  <span dir="ltr">&lt;<a href="mailto:owasp-bangalore-request@lists.owasp.org">owasp-bangalore-request@lists.owasp.org</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Send OWASP-Bangalore mailing list submissions to<br>
        <a href="mailto:owasp-bangalore@lists.owasp.org">owasp-bangalore@lists.owasp.org</a><br>
<br>
To subscribe or unsubscribe via the World Wide Web, visit<br>
        <a href="https://lists.owasp.org/mailman/listinfo/owasp-bangalore" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-bangalore</a><br>
or, via email, send a message with subject or body &#39;help&#39; to<br>
        <a href="mailto:owasp-bangalore-request@lists.owasp.org">owasp-bangalore-request@lists.owasp.org</a><br>
<br>
You can reach the person managing the list at<br>
        <a href="mailto:owasp-bangalore-owner@lists.owasp.org">owasp-bangalore-owner@lists.owasp.org</a><br>
<br>
When replying, please edit your Subject line so it is more specific<br>
than &quot;Re: Contents of OWASP-Bangalore digest...&quot;<br>
<br>
<br>
Today&#39;s Topics:<br>
<br>
   1. exploitable Crash Analyzer - Open Source Security Tool from<br>
      Microsoft (PraKash)<br>
<br>
<br>
----------------------------------------------------------------------<br>
<br>
Message: 1<br>
Date: Fri, 11 Sep 2009 21:12:57 +0530<br>
From: PraKash &lt;<a href="mailto:prakash2757@gmail.com">prakash2757@gmail.com</a>&gt;<br>
Subject: [OWASP-Bangalore] exploitable Crash Analyzer - Open Source<br>
        Security        Tool from Microsoft<br>
To: <a href="mailto:null-co-in@googlegroups.com">null-co-in@googlegroups.com</a>, <a href="mailto:owasp-bangalore@lists.owasp.org">owasp-bangalore@lists.owasp.org</a><br>
Message-ID:<br>
        &lt;<a href="mailto:cf2478a20909110842l183ff6e1q18cd7f70acdae9d7@mail.gmail.com">cf2478a20909110842l183ff6e1q18cd7f70acdae9d7@mail.gmail.com</a>&gt;<br>
Content-Type: text/plain; charset=&quot;windows-1252&quot;<br>
<br>
Microsoft released an open-source program designed to streamline the<br>
labor-intensive process of identifying security vulnerabilities in software<br>
while it?s still under development.<br>
<br>
<br>
It provides automated crash analysis and security risk assessment. This tool<br>
was created by the Microsoft Security Engineering Center (MSEC) Security<br>
Science Team. exploitable Crash Analyzer (pronounced ?bang exploitable crash<br>
analyzer?) combs through bugs that cause a program to seize up, and assesses<br>
the likelihood of them being exploited by attackers. It?s a Windows debugger<br>
extension that?s used during fuzz testing, when testers test the stability<br>
and security of an application by throwing unexpected data at it.<br>
<br>
<br>
<br>
The tool creates hashes to ensure each crash is unique then rates them<br>
according to how exploitable it is - Exploitable, Probably Exploitable,<br>
Probably Not Exploitable or Unknown.<br>
<br>
<br>
Download !exploitable Crash Analyzer<br>
<a href="http://msecdbg.codeplex.com/Release/ProjectReleases.aspx?ReleaseId=28935" target="_blank">http://msecdbg.codeplex.com/Release/ProjectReleases.aspx?ReleaseId=28935</a><br>
<br>
<br>
<br>
- Prakash<br>
<br>
<br>
&lt;<a href="http://www.linkedin.com/in/prakashp" target="_blank">http://www.linkedin.com/in/prakashp</a>&gt;<br>
-------------- next part --------------<br>
An HTML attachment was scrubbed...<br>
URL: <a href="https://lists.owasp.org/pipermail/owasp-bangalore/attachments/20090911/9ce1cacb/attachment-0001.html" target="_blank">https://lists.owasp.org/pipermail/owasp-bangalore/attachments/20090911/9ce1cacb/attachment-0001.html</a><br>

<br>
------------------------------<br>
<br>
_______________________________________________<br>
OWASP-Bangalore mailing list<br>
<a href="mailto:OWASP-Bangalore@lists.owasp.org">OWASP-Bangalore@lists.owasp.org</a><br>
<a href="https://lists.owasp.org/mailman/listinfo/owasp-bangalore" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-bangalore</a><br>
<br>
<br>
End of OWASP-Bangalore Digest, Vol 22, Issue 9<br>
**********************************************<br>
</blockquote></div><br>