PaulDotCom mailing list archives

Re: Pentesting JSON/XML interface

From: Sandro Gauci <sandro () enablesecurity com>
Date: Mon, 21 Oct 2013 15:06:59 +0100

Hey Xavier,

I think that Burp Suite Pro added support for what you need sometimes last
year:

http://releases.portswigger.net/2012/06/v1410.html



Sandro Gauci
Penetration tester and security researcher
Email: sandro () enablesecurity com
Web: http://enablesecurity.com/
PGP: 8028 D017 2207 1786 6403  CD45 2B02 CBFE 9549 3C0C


On Fri, Oct 18, 2013 at 5:58 PM, Xavier Mertens <xavier () rootshell be> wrote:

Hi All,

In the scope of a project, I'll have to extensively test JSON interfaces.
I've samples of "good" requests and would like to fuzz the different
parameters. Anybody has a good tool (or ideas) to perform this?

Thank you,
Xavier

--
"If the enemy leaves a door open, you must rush in." - Sun Tzu
PGP Key:
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x42D006FD51AD7F2C


_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

Current thread:

Pentesting JSON/XML interface Xavier Mertens (Oct 21)
- Re: Pentesting JSON/XML interface mitchell (Oct 22)
- Re: Pentesting JSON/XML interface Sandro Gauci (Oct 22)
- Re: Pentesting JSON/XML interface Jerome Athias (Oct 22)