websecurity@lists.webappsec.org

The Web Security Mailing List


AMF Testing with Blazer

Luca Carettoni
Thu, Aug 2, 2012 6:00 PM

Hi folks,

This may be of some interest to people on the list.

http://code.google.com/p/blazer/

Blazer is a Burp Suite plugin for testing AMF-based applications that use Java remoting technologies (e.g. Adobe BlazeDS).
It implements a new testing approach, introduced at Black Hat USA 2012. In a nutshell, it allows you to build custom AMF messages, dynamically generating objects from method signatures via Java reflection and "best-fit" heuristics.

If you are interested, have a look at the code.

Cheers,
Luca


Luca Carettoni // Matasano Security
