beSTORM Product Line

beSTORM is sold by 'seat' and by range of protocols, servers, transport layers and files. Previously available only to governments and large corporations, beSTORM has established a long and well documented history of identifying security issues in network equipment and software. Simple to use but powerful enough to have been deployed by the military, beSTORM can replace dozens of hard to use or poorly supported and documented tools and provides a standard, reliable and repeatable security testing process that businesses of any size can incorporate into their software QA process.

Technically, beSTORM is a commercial, black box, intelligent fuzzer. It is used in a lab environment to test application security during development or to certify software and networked hardware prior to deployment. It comes with complete technical and developmental support, does not need or use source code and delivers fast results by testing the most common, most likely failure scenarios first and then branching out into a near infinite range of attack variations.

Contact us today and get your software security testing questions answered.

 

More Info / Free Trial 

 

Description

beSTORM Trial

beSTORM Professional

beSTORM Web Applications

General Purpose Fuzzer               Y               Y N/A
Network Protocol Fuzzing               Y               Y N/A
DLL / API Fuzzing               X               Y N/A
ActiveX Fuzzing               X               Y N/A
Client side Network fuzzing               X               Y N/A
File fuzzing Partial               Y N/A
80-20 approach to finding vulnerability: 4 levels of testing on the protocols (known vulnerabilities, simple implementation, full RFC (+extension) implementation, and quirks (Special cases in special products). Partial               Y               Y
Development Language independent               Y               Y               Y
Does not require source code               Y               Y               Y
Linux/Unix and Windows support Only Windows               Y               Y
Integrated tests for known vulnerabilities with full information from CVE               X               Y               Y
Reproducible tests               Y               Y               Y
Easily export test case to Perl scripts and generate binary data of tests               Y               Y               Y
Supports binary protocols               Y               Y               Y
Session based protocols               Y               Y               Y
Standard encryption support               Y               Y               Y
Intelligent module structure (Supporting length/offset dependencies, element counters, duplications, encoders etc.)               Y               Y               Y
High throughput and speed. Supports specifying the optimal connection to a specific server.               Y               Y               Y
Easily adaptable to a new testing environment               Y               Y               Y
Hands free testing (ability to automatically stop and restart the test according to monitored results).               Y               Y               Y
Batch mode support (auto-resume testing upon crash)               Y               Y               Y
Custom Module support - build your own proprietary modules for in-house protocols, extensions, file formats and API definitions               X               Y               Y
Tailored attack types (sql injection, cross site scripting, format string, add your own)               X               Y               Y
Add External DLL calls to your modules (special encryption, file/net operation, custom libraries)               X               Y               Y
Custom vulnerability detection support               X               Y               Y
Buffer overflow attacks               Y               Y               Y
Integer overflows / underflows attacks               Y               Y N/A
Format string attacks               Y               Y N/A
Null byte attacks               Y               Y N/A
Buffer poisoning attacks               Y               Y               Y
Off-by-one attacks               Y               Y N/A
Malformed encoding attacks               Y               Y               Y
Extended functionality to modules through standard win32 api, openssl, Unix               X               Y               Y
Bookmarks - allows to go back in time to previous tests and regenerate scenarios               X               Y               Y
Advanced optimization - allowing faster results by focusing tests on prime subset of tests               Y               Y               Y
Supports IPv6, IPv4 IPv4 only               Y               Y
Auto Learn - Wizard to build new modules (of any type)               Y               Y               Y
"Packet capture to beSTORM module" converter (to easily create a beSTORM custom module)               X               Y               Y
Graphical representation of module and attack vectors               Y               Y               Y
Automatically control speed testing settings from monitor               X               Y               Y
Change test cases/order depending on result               X               Y               Y
Monitoring tool to examine tested application               Y               Y               Y
Ability to implement your own monitor and integrate with beSTORM Client               X               Y               Y
gdb integration               Y               Y               Y
Ollydbg integration               X               Y               Y
WinDBG integration               X               Y               Y

beSTORM Monitor

Linux/Unix and Windows support               Y               Y               Y
Both console and Windows GUI versions               Y               Y               Y
Auto-starts tested application in case of crash               X               Y               Y
Catches exceptions               Y               Y               Y
Catches buffer overflows               Y               Y               Y
Catches buffer overruns               X               Y               Y
Reports on cpu/memory usage               X               Y               Y
Parses log files               X               Y               Y

Request Info

  • 共有产权住房亮相 完善“梯队消费” 2019-06-24
  • 俄罗斯金融寡头放弃奢华生活 甘愿当农民[组图] 2019-06-24
  • 我的这五年 幸福在这里 2019-06-17
  • 新疆规范法律服务事中事后监管 实现科学有效监管 2019-06-16
  • 关于《中华人民共和国监察法(草案)》的说明 2019-06-13
  • [微笑]因为人的基本需求是存在边际的,不会出现你所谓的无限制消费!比如坐公交,你会因为不要钱就一天到晚呆在公汽上么? 2019-06-07
  • 回应美方制裁 俄国家杜马酝酿对美反制法案 2019-06-07
  • 北京百子湾车祸致2死3伤 小客车女司机系无证驾驶 2019-06-06
  • 2018海创会带你领略黑科技产品 2019-06-05
  • 【扎实推进重大项目落地见效】重庆经开区发展再提速 东港片区路网工程打通“交通动脉” 2019-06-04
  • 俄罗斯足球队50横扫沙特队真是让人大饱眼福,特提精神!俄罗斯是战斗民族名不虚传。 2019-06-01
  • 光明在线培训管理平台 2019-05-27
  • 儿童掉进冰窟 小伙用双手砸出“生命通道” 2019-05-25
  • 安检不用摸 登机刷脸过 智能技术抢眼民航成果展 2019-05-14
  • 推动发展文化产业与其他关联产业深度融合 2019-05-05
  • 香港马会内部免费资料一肖中特 现金真钱斗牛网址 双色球一些技巧 双色球历史开奖结果17124 2019年华东15选5历史开奖记录 福彩3d2019165期3d试机号后分析汇总 体彩p3最新试机号 上海快3近100期走势图 山西快乐十分前三组技巧 辽宁11选5奖金分配 辽宁十一选五五码推荐 欢乐升级怎么弄宝宝 黑龙江22选5走势图2019年 篮球让分胜负技巧 山西快乐十分钟走势图