Information Risk Management Plc. - IRM-developed Tool Included on Linux BackTrack

IRM-developed Tool Included on Linux BackTrack

Rodrigo Marcos, Security Consultant at IRM, has developed a fuzzing tool called Taof (The Art of Fuzzing). Fuzzing is a security vulnerability research technique used to discover vulnerabilities when testing from a "Black Box" perspective. The tool sends semi-random data to a server in an attempt to trigger a condition for which the application was not designed to encounter, thus allowing the researcher to locate potential security vulnerabilities.

Although there are various fuzzing tools out there, Taof is unique in its technical approach as an all-purpose tool. Most other fuzzing tools can only work on one type of protocol, but the approach taked by Taof is more generic and it's therefore capable of fuzzing any protocol. Another outstanding attribute is that all of the data is represented graphically and in-depth knowledge of the protocol under test is not needed to conduct reserach sessions!

Many IT security professionals found the tool to be so useful that it has been included on BackTrack which is a catalogue of over 300 security and penetration testing tools; BackTrack is regarded as one of the top security toolsets available and is widely used by IT security specialists.

About IRM:

Information Risk Management Plc (IRM) is a vendor independent information risk consultancy, founded in 1998. IRM has become a leader in client side risk assessment, technical level auditing and in the research and development of security vulnerabilities and tools. IRM is headquartered in London with Technical Centres in Europe and Asia as well as Regional Offices in the Far East and North America.