Lookout : How to: Fuzzing Web Services on IIS 6.0 and ASP.NET

{ Tag Archives } web services

How to: Fuzzing Web Services on IIS 6.0 and ASP.NET

So we want to fuzz something SOAPy, again. Well here’s how we’re gonna do it. The approach I like to take with clients is a gray-box, or code-assisted penetration testing. Gray box analysis is a powerful technique combining input testing with source analysis, runtime tracing, profiling, and debugging to identify real issues [...]

Also tagged fuzzing

2007 01 14 Chris Weber Web
testing Comments (2)

To fuzz or not to fuzz web services…

Is it worth the time to run input fuzzing tests against web services? When engaging a client for a security review I’m often the one to pose this question. Sure, why not… right? Well honestly there’s a more precise way to answer this question. First we really need to understand the [...]

Also tagged fuzzing

2007 01 13 Chris Weber Web
testing Comments (0)

Lookout

{ Tag Archives } web services

How to: Fuzzing Web Services on IIS 6.0 and ASP.NET

To fuzz or not to fuzz web services…

Notes from the field

Search

Pages

Archives

Lookout

{ Tag Archives } web services

How to: Fuzzing Web Services on IIS 6.0 and ASP.NET

To fuzz or not to fuzz web services…

Notes from the field

Search

Pages

Tags

Archives