Web Application Security
AMF Testing with Blazer Aug 02 2012 06:00PM
Luca Carettoni (luca matasano com)
Hi folks,

This may be of some interest to people on the list.

http://code.google.com/p/blazer/

Blazer is a Burp Suite plugin for testing AMF-based applications that use Java remoting technologies (e.g. Adobe BlazeDS).
It implements a new testing approach, introduced at Black Hat USA 2012. In a nutshell, it allows to build custom AMF messages, dynamically generating objects from method signatures via Java reflection and "best-fit" heuristics.

If you are interested, have a look at the code.

Cheers,
Luca

---
Luca Carettoni // Matasano Security

This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus