This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Session Strength Analysis With Stompy

From OWASP
Jump to: navigation, search

Description

Stompy performs NIST FIPS statistical tests on session generation and checks for correlations between arbitrary bits. A truly random token never exhibits correlation between the stage of one bit and the state of another. In this movie, I'll show you how to download, extract, compile, and run Stompy and analyze session tests for failure or pass.


Download:

http://yehg.net/lab/pr0js/files.php/sessionstrengthanalysiswithstompy.zip

Retrieved from "https://wiki.owasp.org/index.php?title=Session_Strength_Analysis_With_Stompy&oldid=41625"