Thursday, July 16, 2009

Web2Fuzz - AppSec Labs Tool....

This tool is coded by our research and consulting team to test Web 2.0 applications. It is simple utility to check vulnerabilities while doing pen-testing and assessment. It is effective to use with Web2Proxy.

Here is tool detail..
Web2Fuzz (Beta)
Web 2.0 Application Auto Fuzzing tool

This tool helps in fuzzing next generation application running on Web/enterprise 2.0 platform. It can be used with Web2Proxy by harvesting JSON, XML, JS-Object etc. from already profiled HTTP requests. Adding various fuzz loads and injecting them into particular request. One can encode fuzz load in various forms to pollute/poison Web 2.0 streams. It is possible to analyze responses by using various techniques like response behavior, stream structure or patterns. Tool contains sample payload and pdf/slides can help you in giving better understanding of its behavior.