|
Dailydave
mailing list archives
Re: From blackbox to grey-box during Web App tests
From: "J.M. Seitz" <lists () bughunter ca>
Date: Fri, 12 Oct 2007 07:54:34 -0700
PaiMei and BinNavi are fuzzer trackers, as I explained. gcov
is more of a basic line coverage tool, isn't it? See:
http://bullseye.com/coverage.html
I can't speak for BinNavi, but PaiMei isn't just a fuzzer tracker, code
coverage is useful from an RE perspective as well if you are trying to hone
in on particular pieces of logic within a binary. DeMott's EFS relies
heavily on PaiMei's code coverage abilities to determine fitness for its
fuzzing runs, that's just an example.
Gcov is a whitebox code coverage tool, and there are some interesting tools
from Compuware that integrate directly into your VS 2005 environment to give
you code coverage metrics.
I guess I am not too sure how useful that Tracer is, the more I have thought
about it, the more I like Dave's idea of having a filter on the running
server (database), that captures all SQL queries that made it into the
server, and reporting the results back that match an injection. To take this
a step further you could also hook into the application server itself and
hook file creation, process creation, etc.
JS
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
 By Date 
By Thread
Current thread:
|
Intro
