We would like to present our newest issue to you. We hope that you will find many interesting articles inside the magazine and that you will have time to read all of them.
We are really counting on your feedback here!
In this issue we dive deeper into fuzzing techniques. In the first part of the issue you will read a couple of articles about fuzz testing methods and strategies, and their advantages and disadvantages. We go through tools such as Burp Suite, SPIKE, and one of the most famous fuzzing tools, the Peach fuzzer. We have also prepared articles about cloud fuzzing and about discovering vulnerabilities with fuzzing in practice.
The second part of the issue focuses on different topics. You will read an article about how Facebook helps hackers hack corporate giants, a step-by-step real-world scenario on how to deal with ransomware, and an article about the World of State Surveillance. Last but not least, you will be introduced to the ANAM scanner in an article written by the author of the tool.
We would also like to thank you for all your support. We appreciate it a lot. If you like this publication, you can share it and tell your friends about it! Every comment means a lot to us.
Again special thanks to the Beta testers and Proofreaders who helped with this issue. Without your assistance there would not be a PenTest Magazine.
Enjoy your reading,
Table of contents:
Strategies for intelligent fuzzing with Peach fuzzer
by David Fernandez
In the past years, fuzzing techniques used to identify security risks and detect vulnerabilities have evolved from being exclusively used by specialized security companies and researchers to being widely adopted by major software and service providers as an important tool in their security development lifecycle. Companies like Microsoft and Google apply such techniques as part of their security assurance programs to proactively identify vulnerabilities affecting their products or the third-party products they use. In this article, we will talk about the Peach fuzzer, how to use it and extend it to fit our needs, as well as different techniques that can be applied to boost the results and effectiveness of our fuzzing sessions.
A Review of Fuzzing Tools and Methods
by James Fell
This paper reviews fuzzing and its context within the field of information security research. We firstly examine how vulnerabilities come to exist in software and how security researchers find them. After a brief overview of common vulnerability types and methods of static analysis, we look in more depth at the field of fuzzing. Competing approaches to fuzzing are examined, from simple random inputs all the way to using genetic algorithms and taint analysis. The importance of measuring code coverage to evaluate the completeness of a fuzzing campaign is examined. Finally, previous work on fuzz testing of web browsers is reviewed.
Fuzzing in the Amazon Cloud – A worthy alternative to classical fuzzing?
by Wilfried Kirsch and Prof. Dr. Hartmut Pohl
Fuzzing is a method to identify software bugs and vulnerabilities in executables. Current developments show a trend to move fuzzing into the cloud (cloud fuzzing), which allows a dramatic increase in fuzzing speed, up to a factor of 100 compared to classic fuzzing running on a typical personal computer. This paper shows the benefits and drawbacks of cloud fuzzing for companies. With the softScheck Amazon cloud fuzzing Framework, a feasible software solution for fuzzing in the Amazon Cloud is presented and its architecture sketched.
Discovering vulnerabilities with Fuzzing
by Prasanna Padmarajulu
Fuzz testing was originally developed by Barton Miller at the University of Wisconsin in 1989. Fuzz testing is a type of testing where automated or semi-automated techniques are used to detect program failures that may have security implications in software, operating systems, or networks by feeding invalid or random data, called FUZZ, to the system. After the data is input, the system is monitored for various exceptions, such as crashes of the system or failures of built-in code checks; the results are then triaged and the root cause is identified to fix the defect.
by Ali Abdollahi
Fuzzing is a technique for finding bugs in software or applications by feeding random input to them. Security bugs found during the fuzzing phase are known as security vulnerabilities. In fact, fuzzing is the art of finding bugs in applications using semi-valid input: input that is well-formed enough to be accepted as a valid entry, yet invalid enough to trigger an error.
In this article we will focus on software vulnerabilities and the fuzzing process.
Burp for fuzzing
by Junior Carreiro
The purpose of this article is to show how we can use Burp to fuzz web applications and discover SQL injection flaws.
Step by step how to deal with ransomware: a practical case
by Washington Almeida
Every day we read news or receive information about a new type of crime in the digital environment. Criminals are becoming more and more sophisticated in their attack methods, making use of the resources that information technology offers. In this scenario, the attack of the moment is known as ransomware. Various methods are used by cyber security experts around the globe in the fight against ransomware. A step-by-step forensic approach to dealing with ransomware is where this article seeks to contribute. I finish the article by performing an interesting enumeration attack against the criminals' website, hidden inside the Deep Web on the TOR network, which made it possible to reveal their TOR exit node and other hidden IP addresses.
How Facebook helps hackers hack corporate giants
by Ajay Gowtham
Security researchers have found a recent phishing attack, carried out through the Facebook Developer Platform, that scams users of Gmail, Facebook, Yahoo Mail, chat rooms, ask.fm, Outlook, beIN Sports, Gamezer, Skype, Twitter, Instagram, Snapchat, and WhatsApp. This fraudulent group carries out its phishing activities through masqueraded illegitimate websites that look like legitimate sites. The Facebook Developer Platform allows this malicious activity to be performed more stealthily. The fraud group has customized the Facebook developer page so that it looks more authentic. Hence, even tech-savvy people may be convinced to fall prey to this attack. Currently, phishing pages are restricted even by hosting sites, but the Facebook Developer page still enables phishing activities, which leaves a question mark over Facebook's security.
The World of State Surveillance
by Aditya Mukherjee
I still remember the day when one of my close friends watched Mr. Robot for the first time and went into a paranoid frenzy to set up security measures on her mobile, laptop and hard disk. To be honest, I was always aware of these techniques in the back of my mind, but somehow watching it on the show made me reconsider my laxness, too.
by Remco Verhoef
ANAM is a mass scanning tool for HTTP or HTTPS vulnerabilities. If you want to scan a lot of domains for the same vulnerability (e.g. the publication of a git repository) within a short amount of time, you will be happy to use ANAM.