[Openstack-security] fuzzing openstack API's
Thomas Biege
thomas at suse.de
Thu Sep 12 14:17:50 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
my team made fuzz tests about one year ago using
https://gitorious.org/test-suite/test-suite/source
/1809ffcf2684e53e073e00aeb356b9710969aff2:fuzz_xmlrpc.pl , other
tools and manual requests.
Everything we found was put into the bug tracking system.
Unfortunately I cannot remember the details.
There is also a blueprint for automatic security testing:
https://blueprints.launchpad.net/marconi/+spec/security-testing-basic
Any help is welcome here.
Best,
Thomas
Am 12.09.2013 12:15, schrieb André Van Daele:
> Hi,
>
> I do not know if this is the correct place to post this question.
> Then please feel free to point me to the right direction.
>
>
> My question: Is there any kind of fuzzing done on the standard
> openstack API's. This tests could have been performed by a tool
> called radamsa or defensics or others.
>
> And in case any vulnerabilities found fed back to the openstack
> community for fixes?
>
> Brgds, André Van Daele
>
>
>
> _______________________________________________ Openstack-security
> mailing list Openstack-security at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security
- --
>
Thomas Biege <thomas at suse.de>, Team Leader MaintenanceSecurity, CSSLP
SUSE LINUX Products GmbH
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer
HRB 21284 (AG Nürnberg)
- --
Wer aufhoert besser werden zu wollen, hoert auf gut zu sein.
-- Marie von Ebner-Eschenbach
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQEcBAEBAgAGBQJSMc0OAAoJEJqHoVJVjr8DMKcIAMhECSY1LACb1dBimO9k51FP
Nan9VhAvTxG5DB1WlwNqKuE1M7mHVlWdADhg1eEuR/OId8vrbLUUSK5W9K9ZXX/f
EhoQOP99UrzbnXHA1bNyrWNdCQFi2zaKgP3yLBjCdNzcEyO3hwmP/oa8utZhO/it
H/4V24RD/1N7Mwu//ew9VOM1zuhz6YqstA5c0gk9oyn6gsfbAeCFzrCxZZAxqfh2
408TGfqQfWCgL66x+MCByi0wsgc0O5qgkUOTa3zDr7nWGoV5WRTRN8Q4efKb783J
uJhTLN9NMItrmyhjbBwqGai7mDGqh6JcZqCylqBjc9I3KsjYOJVEet8U1ejqEHs=
=/60c
-----END PGP SIGNATURE-----
More information about the Openstack-security
mailing list