Last Updated: February 25, 2016
· santex

Brute Force Vulnerability Discovery

do you self a favor start fuzzing

(couch, ws, ajax etc)

pipe querys from your log out to tools like

wget or ab later cook up a automated in release interval

ab -c 30 -n 100000 -k
for i in cat payload.*; do ab -c 30 -n 100000 -k$q; done

2 Responses
Add your response


cat payload.* | while read i; do ...; done is a much better construct as it doens't materialize the whole set in memory

over 1 year ago ·

my point was the fuzzing which normally runs automatically.
so to start might get hands on.
there is real need to fuzz to learn how to, regardless how you invoke it
end of the learning process should be a automatic with exotic payload.
but guess for most even have trouble repeating known requests.

over 1 year ago ·