Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Testing for buffer overflows

From: <olafandjasper () hushmail com>
Date: Wed, 23 Jul 2003 16:03:29 -0700

Hello David:
IF you have the source code you can check out the following links:
   http://www.dwheeler.com/flawfinder/
   http://www.cigital.com/its4/
   http://www.securesoftware.com/download_form_rats.htm
   http://www.cs.wisc.edu/~bart/fuzz/fuzz.html (MAYBE?)
ELSIF YOU ONLY HAVE THE BINARY THEN
   Checkout the blackhat presintations like:
   http://www.blackhat.com/html
        /bh-europe-00/bh-europe-00-speakers.html#HalVar
END IF
On Wed, 23 Jul 2003 05:48:02 -0700 David stout <d.stout () solvesolutions co uk>
wrote:

Hello all,

I would like some advice on how to go about having an application
tested for buffer overflows. Are there any tools available ? Are
there
people who can do the testing on my behalf ?

Do you need more information first ?

I look forward to your replies.

David Stout
CCSP, CCNA, CRCP, INFOSEC



----------------------------------------------------------------
-----------
----------------------------------------------------------------
------------







Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
https://www.hushmail.com/services.php?subloc=messenger&l=434

Promote security and make money with the Hushmail Affiliate Program: 
https://www.hushmail.com/about.php?subloc=affiliate&l=427

---------------------------------------------------------------------------
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: