Testing Tools
Created for The Art of Software Security Testing
clifuzz, Dino Dai Zovi
Mitmc.c, Dino Dia Zovi
The C code for a simple random fault injector; it listens on a given port
and forwards all packets onto another port, after doing any tweaks.
Our fault injector relies on the fact that it resides on a third machine
that sits on the same network as the client and server. To use this proxy
one must change the ARP (Address Resolution Protocol) table of the machine
that one wants to change data from.
fuzz_wsdl.py, Lucas Nelson
This fuzzer can take a WSDL URL and create a series of tests for each
service. It uses a python library called SOAPpy. See code comments for more
info.
Other Tools