This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Difference between revisions of "OWASP O2 Platform/Microsoft/ActiveX"

Jump to: navigation, search
Line 25: Line 25:
[[Category:OWASP .NET Project]]

Latest revision as of 23:27, 10 April 2014

This page contains information on how to test ActiveX controls

Security Issues with ActiveX

{list the common problems with ActiveX}

Tools to test ActiveX for Buffer Overflows

using O2

One strategy to test ActiveX with O2 would be to create a .NET stub around it and then use it to invoke the ActiveX methods

The OWASP .NET tool (couple years old) DN_BOFinder (download from SF) is a .NET Fuzzer which is able to intelligently fuzz .NET assemblies and the COM objects it exposes (see also Buffer_OverFlow_in_ILASM_and_ILDASM

Research Links

This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.

go back to the main OWASP O2 Platform page