• 全国高考开展网上评卷 多重保障确保打分公平 2019-02-12
  • 韩消防直升机坠毁全程曝光[组图] 2019-02-12
  • 我写文章不是为了别人的赞许,是为了讨论问题,让人有思考的价值,就像你网名一样,探寻真理。我并非就全盘赞成市场经济,只是在讨论它的合理性,在文中也提问,“既然我们 2019-01-26
  • 诺贝尔文学奖丑闻祸首被正式起诉 或将面临6年刑期 2019-01-26
  • 不好意思了,忘记还有赌球一说。[哈哈] 2019-01-22
  • 天津市级机关工委机关党委部署开展br“不忘初心 牢记使命”——纪念建党97周年系列活动 2019-01-22
  • 夏季肠道容易“中风” 2019-01-19
  • 海岸旅行地中国国家地理网 2019-01-16
  • 安农大选配50名资深教授担任产业联盟“盟主” 2019-01-08
  • 太原引入“慢病PBM”管理模式 2019-01-08
  • 西安明德门遗址保护工程启动 将1∶1异地重现五门道城门明德门保护-要闻 2019-01-02
  • 报告:2017届大学毕业生就业率达91.9% 高职高专超本科 2019-01-02
  • 弘扬红船精神 当好勇立潮头城建排头兵 2018-12-29
  • 民航系统支援西藏机场建设发展工作会议召开 西藏将新增三个支线机场 2018-12-28
  • 《脱身》《爱国者》谍战剧暑期档C位霸屏 2018-12-24
  • beSTORM Product Line

    beSTORM is sold by 'seat' and by range of protocols, servers, transport layers and files. Previously available only to governments and large corporations, beSTORM has established a long and well documented history of identifying security issues in network equipment and software. Simple to use but powerful enough to have been deployed by the military, beSTORM can replace dozens of hard to use or poorly supported and documented tools and provides a standard, reliable and repeatable security testing process that businesses of any size can incorporate into their software QA process.

    Technically, beSTORM is a commercial, black box, intelligent fuzzer. It is used in a lab environment to test application security during development or to certify software and networked hardware prior to deployment. It comes with complete technical and developmental support, does not need or use source code and delivers fast results by testing the most common, most likely failure scenarios first and then branching out into a near infinite range of attack variations.

    Contact us today and get your software security testing questions answered.

     

    More Info / Free Trial 

     

    Description

    beSTORM Trial

    beSTORM Professional

    beSTORM Web Applications

    General Purpose Fuzzer               Y               Y N/A
    Network Protocol Fuzzing               Y               Y N/A
    DLL / API Fuzzing               X               Y N/A
    ActiveX Fuzzing               X               Y N/A
    Client side Network fuzzing               X               Y N/A
    File fuzzing Partial               Y N/A
    80-20 approach to finding vulnerability: 4 levels of testing on the protocols (known vulnerabilities, simple implementation, full RFC (+extension) implementation, and quirks (Special cases in special products). Partial               Y               Y
    Development Language independent               Y               Y               Y
    Does not require source code               Y               Y               Y
    Linux/Unix and Windows support Only Windows               Y               Y
    Integrated tests for known vulnerabilities with full information from CVE               X               Y               Y
    Reproducible tests               Y               Y               Y
    Easily export test case to Perl scripts and generate binary data of tests               Y               Y               Y
    Supports binary protocols               Y               Y               Y
    Session based protocols               Y               Y               Y
    Standard encryption support               Y               Y               Y
    Intelligent module structure (Supporting length/offset dependencies, element counters, duplications, encoders etc.)               Y               Y               Y
    High throughput and speed. Supports specifying the optimal connection to a specific server.               Y               Y               Y
    Easily adaptable to a new testing environment               Y               Y               Y
    Hands free testing (ability to automatically stop and restart the test according to monitored results).               Y               Y               Y
    Batch mode support (auto-resume testing upon crash)               Y               Y               Y
    Custom Module support - build your own proprietary modules for in-house protocols, extensions, file formats and API definitions               X               Y               Y
    Tailored attack types (sql injection, cross site scripting, format string, add your own)               X               Y               Y
    Add External DLL calls to your modules (special encryption, file/net operation, custom libraries)               X               Y               Y
    Custom vulnerability detection support               X               Y               Y
    Buffer overflow attacks               Y               Y               Y
    Integer overflows / underflows attacks               Y               Y N/A
    Format string attacks               Y               Y N/A
    Null byte attacks               Y               Y N/A
    Buffer poisoning attacks               Y               Y               Y
    Off-by-one attacks               Y               Y N/A
    Malformed encoding attacks               Y               Y               Y
    Extended functionality to modules through standard win32 api, openssl, Unix               X               Y               Y
    Bookmarks - allows to go back in time to previous tests and regenerate scenarios               X               Y               Y
    Advanced optimization - allowing faster results by focusing tests on prime subset of tests               Y               Y               Y
    Supports IPv6, IPv4 IPv4 only               Y               Y
    Auto Learn - Wizard to build new modules (of any type)               Y               Y               Y
    "Packet capture to beSTORM module" converter (to easily create a beSTORM custom module)               X               Y               Y
    Graphical representation of module and attack vectors               Y               Y               Y
    Automatically control speed testing settings from monitor               X               Y               Y
    Change test cases/order depending on result               X               Y               Y
    Monitoring tool to examine tested application               Y               Y               Y
    Ability to implement your own monitor and integrate with beSTORM Client               X               Y               Y
    gdb integration               Y               Y               Y
    Ollydbg integration               X               Y               Y
    WinDBG integration               X               Y               Y

    beSTORM Monitor

    Linux/Unix and Windows support               Y               Y               Y
    Both console and Windows GUI versions               Y               Y               Y
    Auto-starts tested application in case of crash               X               Y               Y
    Catches exceptions               Y               Y               Y
    Catches buffer overflows               Y               Y               Y
    Catches buffer overruns               X               Y               Y
    Reports on cpu/memory usage               X               Y               Y
    Parses log files               X               Y               Y

    Request Info

  • 全国高考开展网上评卷 多重保障确保打分公平 2019-02-12
  • 韩消防直升机坠毁全程曝光[组图] 2019-02-12
  • 我写文章不是为了别人的赞许,是为了讨论问题,让人有思考的价值,就像你网名一样,探寻真理。我并非就全盘赞成市场经济,只是在讨论它的合理性,在文中也提问,“既然我们 2019-01-26
  • 诺贝尔文学奖丑闻祸首被正式起诉 或将面临6年刑期 2019-01-26
  • 不好意思了,忘记还有赌球一说。[哈哈] 2019-01-22
  • 天津市级机关工委机关党委部署开展br“不忘初心 牢记使命”——纪念建党97周年系列活动 2019-01-22
  • 夏季肠道容易“中风” 2019-01-19
  • 海岸旅行地中国国家地理网 2019-01-16
  • 安农大选配50名资深教授担任产业联盟“盟主” 2019-01-08
  • 太原引入“慢病PBM”管理模式 2019-01-08
  • 西安明德门遗址保护工程启动 将1∶1异地重现五门道城门明德门保护-要闻 2019-01-02
  • 报告:2017届大学毕业生就业率达91.9% 高职高专超本科 2019-01-02
  • 弘扬红船精神 当好勇立潮头城建排头兵 2018-12-29
  • 民航系统支援西藏机场建设发展工作会议召开 西藏将新增三个支线机场 2018-12-28
  • 《脱身》《爱国者》谍战剧暑期档C位霸屏 2018-12-24