Saturday, July 10, 2010

Fuzzdb update to version 1.08

Attack and Discovery Pattern Database for Application Fuzz Testing

fuzzdb helps identify security flaws in applications by aggregating known attack patterns, predictable resource names, and server response messages to create a comprehensive, repeatable set of malformed input test cases.

Added: command exec cheatsheets for unix and windows, netcat cheatsheet, microsoft sharepoint test cases, file upload filter bypass test cases, invalid microsoft filenames, javascript events, html tags, null byte test cases.

Download fuzzdb from http://code.google.com

No comments: