Finding New Browser-Based Vulnerabilities

Now that you’re convinced that browser-based vulnerabilities are important, and have seen several recent examples of client-side vulnerabilities used by criminals to install malware, it’s (finally) time to show you how to find client-side vulnerabilities yourself. The easiest way to get started finding client-side vulnerabilities is to look at tools released in the last few years. Understanding how each tool works and why it found bugs will help you find your own new vulnerabilities.

mangleme

Mangleme was the first publicly released fuzzing tool to specifically target browser-based client-side vulnerabilities. It’s a little outdated now, but it is super simple to set up, use, and understand, so we’ll start here. You can follow along with this discussion by downloading the mangleme source code from http://freshmeat.net/projects/mangleme.