Here you can download the source code for the example configurations of the JAttack tool introduced in Chapter 14 of the second edition.

Note that if you are running the JAttack code against the MDSec online training labs, you'll need to edit and recompile the source code to use the URL and session cookie that you are given in your lab session. Otherwise, you will need to modify the code to work with the specific application you are targeting. As discussed in Chapter 14 you should ideally use this code as a base for creating more powerful and versatile scripts for automating your customized attacks against applications.

JAttack - enumerating identifiers

JAttack - harvesting data

JAttack - fuzzing for vulnerabilities

Copyright © 2011 Dafydd Stuttard and Marcus Pinto. All rights reserved.