Scott Granneman, 2006-07-24
Scott Granneman looks at the virtues and pitfalls of browser fuzzing and the overwhelmingly positive impact it has on the security community.
Colapse all |
Post comment
A month of browser bugs
2006-07-24
Anonymous (1 replies)
Anonymous (1 replies)
A month of browser bugs
2006-07-25
Anonymous
Anonymous
Not all fuzzers are created equal. I can fuzz just one aspect of the browser (urls, for example) and claim that I've run a fuzzer against my browser, but if I'm not fuzzing all aspects of input, it's incomplete. My guess is that Microsoft just wasn't complete enough with what they fuzzed.
...
[ more ] [ reply ]
...
[ more ] [ reply ]
A month of browser bugs
2006-07-26
Anonymous
Anonymous
This is not just some hacker revealing vulnerabilities. The real value here is that MS is presented with a mechanism to improve their development process and to create better more secure software. Problem is no-one at MS seems to have bought into the idea so their implementation is half-hearted [at ...
[ more ] [ reply ]
[ more ] [ reply ]
A month of browser bugs
2006-07-26
Anonymous
Anonymous
Taking a quick look at Michael Howard's recent security book "Security Development Lifecycle" where he emphasized the mandatory and extensive fuzzing applied against all applications within the trustworthy iniative. Maybe Mr. Moore has tricks Microsoft has not discovered yet.... or does not want to....
[ more ] [ reply ]
[ more ] [ reply ]
None for Opera 9 have been found so far...
2006-07-26
Anonymous (1 replies)
Anonymous (1 replies)
A month of browser bugs
2006-07-31
Anonymous (1 replies)
Anonymous (1 replies)
To call this guy purely a researcher is crap. "He's responsible for the awesome Metasploit Project, an "advanced open-source exploit development platform ... for legal penetration testing and research purposes" that currently contains 143 exploits and 75 different payloads"
if the framework was d...
[ more ] [ reply ]
if the framework was d...
[ more ] [ reply ]
[ more ] [ reply ]