[Owasp-singapore] Fuzzing - who knows how to do fuzzing and have done it before

Steve Lam steve.lyk at gmail.com
Mon Apr 5 05:03:46 EDT 2010


Personally I use SPIKE/Scully/tcpreplay-rewrite for protocol hackery and
Burp pro for Web apps. Good stuff.

On Mon, Apr 5, 2010 at 4:31 PM, <Pishu.Mahtani at asia.ing.com> wrote:

> Hi Onn Chee,
>
> 1) Yes I have used Fuzzers.
> 2) Depends on what I'm fuzzing. Is it a protocol or is it an application?
> There are 2 type of fuzzers or techniques. The first being generational and
> the other being mutational. I stick to GPF most of the time but I
> occasionally use PROTOS-SIP for fuzzing those VoIP devices and SPIKE Proxy
> for those pesky Web-Apps... ;)
>
> Regards
> Pishu
>
> -----Original Message-----
> From: Wong Onn Chee [mailto:ocwong at usa.net]
> Sent: Monday, April 05, 2010 4:19 PM
> To: Mahtani, Pishu
> Cc: owasp-singapore at lists.owasp.org; security-77 at meetup.com
> Subject: Re: [Owasp-singapore] Fuzzing - who knows how to do fuzzing and
> have done it before
>
> Thanks for the prompt reply, Pishu.
>
> Just to clarify.
> My questions are:
>
> 1) Have you used fuzzing?
> 2) If yes, what are your preferred fuzzers? Why?
>
>
> On 04/05/2010 03:59 PM, Pishu.Mahtani at ASIA.ING.com wrote:
> > eneral Purpose Fuzzer
>
>
>
> -----------------------------------------------------------------------------
> The information in this Internet email is confidential and may be legally
> privileged. It is intended solely for the addressee. Access to this
> Internet
> email by anyone else is unauthorised.
>
> If you are not the intended recipient, any disclosure, copying,
> distribution
> or any action taken or omitted to be taken in reliance on it, is prohibited
> and may be unlawful. When addressed to our clients any opinions or advice
> contained in this Internet email are subject to the terms and conditions
> expressed in any applicable governing ING's terms of business or
> client engagement letter.
>
> Visit us at www.ing.com
>
> -----------------------------------------------------------------------------
>
> _______________________________________________
> Owasp-singapore mailing list
> Owasp-singapore at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-singapore
>



-- 
Regards,
Steve Lam
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/owasp-singapore/attachments/20100405/4fb5e48f/attachment.html 


More information about the Owasp-singapore mailing list