Dailydave: Re: From blackbox to grey-box during Web App tests

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Dailydave mailing list archives

Re: From blackbox to grey-box during Web App tests

From: "Andre Gironda" <andre () operations net>
Date: Thu, 11 Oct 2007 12:48:22 -0500

On 10/10/07, Thomas Ptacek <tqbf () matasano com> wrote:

It's nice that they're doing this for JVM, but isn't this exactly what
PaiMei and BinNavi (and, if you want to get snarky, gcov) do for
native binaries?


PaiMei and BinNavi are fuzzer trackers, as I explained.  gcov is more
of a basic line coverage tool, isn't it?  See:
http://bullseye.com/coverage.html

Can someone help me understand what web app magic this tool adds?


Here is the presentation where I first learned about what Tracer
actually does, inferring why it was created and what its uses are -
http://www.blackhat.com/presentations/bh-europe-07/Kureha/Presentation/bh-eu-07-chess-kureha-ppt-apr19.pdf

Cheers,
Andre
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

By Date By Thread

Current thread:

From blackbox to grey-box during Web App tests Dave Aitel (Oct 09)
- Re: From blackbox to grey-box during Web App tests Andre Gironda (Oct 10)
- Re: From blackbox to grey-box during Web App tests Thomas Ptacek (Oct 10)
  - Re: From blackbox to grey-box during Web App tests Andre Gironda (Oct 11)
    - Re: From blackbox to grey-box during Web App tests J.M. Seitz (Oct 12)
    - Re: From blackbox to grey-box during Web App tests Matt Hargett (Nov 07)
- Re: From blackbox to grey-box during Web App tests Adriel Desautels (Oct 13)
  - Re: From blackbox to grey-box during Web App tests Thomas Ptacek (Oct 14)
    - Re: From blackbox to grey-box during Web App tests C Q (Oct 14)