Security Basics mailing list archives
Re: Testing for buffer overflows
From: <olafandjasper () hushmail com>
Date: Wed, 23 Jul 2003 16:03:29 -0700
Hello David: IF you have the source code you can check out the following links: http://www.dwheeler.com/flawfinder/ http://www.cigital.com/its4/ http://www.securesoftware.com/download_form_rats.htm http://www.cs.wisc.edu/~bart/fuzz/fuzz.html (MAYBE?) ELSIF YOU ONLY HAVE THE BINARY THEN Checkout the blackhat presintations like: http://www.blackhat.com/html /bh-europe-00/bh-europe-00-speakers.html#HalVar END IF On Wed, 23 Jul 2003 05:48:02 -0700 David stout <d.stout () solvesolutions co uk> wrote:
Hello all, I would like some advice on how to go about having an application tested for buffer overflows. Are there any tools available ? Are there people who can do the testing on my behalf ? Do you need more information first ? I look forward to your replies. David Stout CCSP, CCNA, CRCP, INFOSEC ---------------------------------------------------------------- ----------- ---------------------------------------------------------------- ------------
Concerned about your privacy? Follow this link to get FREE encrypted email: https://www.hushmail.com/?l=2 Free, ultra-private instant messaging with Hush Messenger https://www.hushmail.com/services.php?subloc=messenger&l=434 Promote security and make money with the Hushmail Affiliate Program: https://www.hushmail.com/about.php?subloc=affiliate&l=427 --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- RE: Testing for buffer overflows Brad Bemis (Jul 23)
- <Possible follow-ups>
- Re: Testing for buffer overflows DownBload (Jul 23)
- Re: Testing for buffer overflows olafandjasper (Jul 24)