Skip to content

AonCyberLabs/PadBuster

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
 
 
 
 
 
 

Repository files navigation

PadBuster - Automated script for performing Padding Oracle attacks

Author: Brian Holyfield - Gotham Digital Science (labs@gdssecurity.com)

Credits to J.Rizzo and T.Duong for providing proof of concept web exploit
techniques and S.Vaudenay for initial discovery of the attack. Credits also
to James M. Martin (research@esptl.com) for sharing proof of concept exploit
code for performing various brute force attack techniques.

PadBuster is a Perl script for automating Padding Oracle Attacks. PadBuster  
provides the capability to decrypt arbitrary ciphertext, encrypt arbitrary plaintext, 
and perform automated response analysis to determine whether a request is vulnerable 
to padding oracle attacks.

PadBuster is released under the Apache License, version 2.0 (Apache-2.0)
https://opensource.org/licenses/Apache-2.0