[Owasp-singapore] [security-77] Fuzzing - who knows how to do fuzzing and have done it before

Wong Onn Chee ocwong at usa.net
Wed Apr 7 05:43:14 EDT 2010


Hi Pishu,

Our meetup sessions usually last for 2 to 1.5 hours.

It is up to the presenter to indicate some required prior knowledge for
the attendees, but I will advise that we do have novice members and even
students among our group.

We can always start off with an intro session and if there is a demand
for a deep-dive, we can arrange for another session for the deep-dive.

Hope the above replies answer your queries.

Cheers
Onn Chee

On 04/07/2010 04:17 PM, Pishu.Mahtani at ASIA.ING.com wrote:
> Hi Onn Chee,
>  
> How long do you propose such a session to be? 1hr tops or an indepth
> deep-dive which lasts 3hrs or so(Web-apps/client-apps/documents)? I
> think it would give people who intend to present a much more clearer
> picture on the how to tailor such a presentation. Also, the
> pre-requisites that the audience should have before coming for this
> session. Just my thoughts...
>
> Regards
> Pishu
>
> ------------------------------------------------------------------------
> *From:* owasp-singapore-bounces at lists.owasp.org
> [mailto:owasp-singapore-bounces at lists.owasp.org] *On Behalf Of *Wong
> Onn Chee
> *Sent:* Wednesday, April 07, 2010 4:11 PM
> *To:* security-77 at meetup.com; SIG - OWASP Singapore @MailingList
> *Subject:* Re: [Owasp-singapore] [security-77] Fuzzing - who knows how
> to do fuzzing and have done it before
>
> Great!
>
> So anyone wants to volunteer to present on fuzzing?
>
> We can have one session on fuzzing for web apps and another session on
> fuzzing for client apps / documents.
>
>
>
> On 04/07/2010 08:34 AM, Winston Leong wrote:
>> I use fuzzing sometimes, but mostly in attacking and bruteforcing.
>> Example breaking of password, intelligent fuzzing can greatly reduce
>> the time required to actually bruteforce it via the systematic method.
>>  
>> OWASP also has a tool for URL Resource call DirBuster which uses
>> fuzzing technology as well:
>> http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project
>>
>> On Mon, Apr 5, 2010 at 3:20 PM, Wong Onn Chee <ocwong at usa.net
>> <mailto:ocwong at usa.net>> wrote:
>>
>>     http://www.networkworld.com/news/2010/033110-microsoft-runs-fuzzing-botnet-finds.html
>>
>>     Just a show of hands - how many of you know and had performed fuzzing
>>     before?
>>
>>
>>     Cheers
>>     Onn Chee
>>
>>
>>
>>
>>     --
>>     Please Note: If you hit "REPLY", your message will be sent to
>>     everyone on this mailing list (security-77 at meetup.com
>>     <mailto:security-77 at meetup.com>)
>>     http://www.meetup.com/SGSecurityMG/
>>     This message was sent by Wong Onn Chee (ocwong at usa.net
>>     <mailto:ocwong at usa.net>) from The Singapore Security Meetup Group.
>>     To learn more about Wong Onn Chee, visit his/her member profile:
>>     http://www.meetup.com/SGSecurityMG/members/1756147/
>>     To unsubscribe or to update your mailing list settings, click
>>     here: http://www.meetup.com/SGSecurityMG/settings/
>>     Meetup, PO Box 4668 #37895 New York, New York 10163-4668 |
>>     support at meetup.com <mailto:support at meetup.com>
>>
>>
>>
>>
>>
>>
>> --
>> Please Note: If you hit "*REPLY*", your message will be sent to
>> *everyone* on this mailing list (security-77 at meetup.com
>> <mailto:security-77 at meetup.com>)
>> This message was sent by Winston Leong (nemesisv at gmail.com) from The
>> Singapore Security Meetup Group <http://www.meetup.com/SGSecurityMG/>.
>> To learn more about Winston Leong, visit his/her member profile
>> <http://www.meetup.com/SGSecurityMG/members/11582416/>
>> To unsubscribe or to update your mailing list settings, click here
>> <http://www.meetup.com/SGSecurityMG/settings/>
>>
>> Meetup, PO Box 4668 #37895 New York, New York 10163-4668 |
>> support at meetup.com 
> ----------------------------------------------------------------------------- 
> The information in this Internet email is confidential and may be legally
> privileged. It is intended solely for the addressee. Access to this Internet
> email by anyone else is unauthorised. 
>
> If you are not the intended recipient, any disclosure, copying, distribution
> or any action taken or omitted to be taken in reliance on it, is prohibited
> and may be unlawful. When addressed to our clients any opinions or advice
> contained in this Internet email are subject to the terms and conditions
> expressed in any applicable governing ING's terms of business or
> client engagement letter.
>
> Visit us at www.ing.com
> -----------------------------------------------------------------------------
>   
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/owasp-singapore/attachments/20100407/6cdba213/attachment-0001.html 


More information about the Owasp-singapore mailing list