Web Application Security
AMF Testing with Blazer Aug 02 2012 06:00PM
Luca Carettoni (luca matasano com)
Hi folks,

This may be of some interest to people on the list.


Blazer is a Burp Suite plugin for testing AMF-based applications that use Java remoting technologies (e.g. Adobe BlazeDS).
It implements a new testing approach, introduced at Black Hat USA 2012. In a nutshell, it allows to build custom AMF messages, dynamically generating objects from method signatures via Java reflection and "best-fit" heuristics.

If you are interested, have a look at the code.


Luca Carettoni // Matasano Security

This list is sponsored by Cenzic
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus