Re: Fuzzing testing webapp?

["Morning Wood" <se_cur_ity () hotmail com>]

> I want to do something like this with a script, tool etc, (Looking fuzzing
directory traversal )
> http://target/any.asp?data=.../.../.../ <-
> where the variable "data="  <-- this  i want to test to found some bugs
> http://target/cgi-bin/any.cgi?data=var1&var2&;


efuzz is good in windows, and has exactly what you want ( although you can
only fuzz one "var" )
http://www.priestmaster.org/projects/tools/efuzz.zip
( i have found stack overflows with this )

others are avail, such as "Peach" and "Fuzzy", but are python based ( and
work quite well )

the secret Google search string is:
http://www.google.com/search?hl=en&q=fuzzer

cheers,
mw
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/