OWASP SWFIntruder v0.9 : Flash Applications security assessment tool
SWFIntruder (pronounced Swiff Intruder) is the first tool specifically developed for analyzing and testing security of Flash applications at runtime. It helps to find flaws in Flash applications using the methodology originally described by Stefano Di Paola in Testing Flash Applications (May 2007) and in Finding Vulnerabilities in Flash Applications (Nov 2007).
SWFIntruder purpose is to analyze a Flash application for version =< 8 and to help check in a semi automated fashion the presence of security issues like Cross Site Scripting and Cross Site Flashing.
Moreover does help raise awareness around the subject of flash applications security and how that can be used to and assist in the security of applications.
Features
- Basic predefined attack patterns.
- Highly customizable attacks.
- Highly customizable undefined variables.
- Semi automated Xss check.
- User configurable internal parameters.
- Log Window for debugging and tracking.
- History of latest 5 tested SWF files.
- ActionScript Objects runtime explorer in tree view.
- Persistent Configuration and Layout
Post scriptum
Compliance Mandates
|
Related Articles
Application Scanner |
|
Swfintruder |
|
Vulnerability Scanner |
|