WebApp Sec mailing list archives

AMF Testing with Blazer


From: Luca Carettoni <luca () matasano com>
Date: Thu, 2 Aug 2012 11:00:45 -0700

Hi folks,

This may be of some interest to people on the list.

http://code.google.com/p/blazer/

Blazer is a Burp Suite plugin for testing AMF-based applications that use Java remoting technologies (e.g. Adobe BlazeDS).
It implements a new testing approach, introduced at Black Hat USA 2012. In a nutshell, it allows building custom AMF messages, dynamically generating objects from method signatures via Java reflection and "best-fit" heuristics.

If you are interested, have a look at the code.

Cheers,
Luca

---
Luca Carettoni // Matasano Security






