Fuzzing XML and JSON Pt.1

It is hard to get back to blogging especially when there are easier alternatives to scratch your itch – I am talking about twitter. However, I decided to make the effort and see where it takes me. It will be difficult initially but practice leads to continuous improvement.

What I would like to do is to highlight some of the work I did to take two relatively simple and straightforward penetration testing practices to the next level: this is XML and JSON fuzzing. [...]

more | comments | comments rss | posted by

Well Websecurify Runs on The iPhone

This is not necessarily news anymore since it was discussed on the Websecurify official blog but we are so excited about it that we could not hold ourselves from posting it here too.

The testing engine used in this particular version of Websecurify is optimized to run with the least possible amount of memory. The results of the scanner are as good as those produced by all other Websecurify variants although in some cases it may miss some statistically unlikely types of issues. [...]

more | comments | comments rss | posted by