Open Source Fuzzing Tools

  • 2h 55m
  • Gadi Evron, et al.
  • Elsevier Science and Technology Books, Inc.
  • 2007

Fuzzing is often described as a black box software testing technique. It works by automatically feeding a program multiple input iterations in an attempt to trigger an internal error indicative of a bug, and potentially crash it. Such program errors and crashes are indicative of the existence of a security vulnerability, which can later be researched and fixed.

Fuzz testing is now making a transition from a hacker-grown tool to a commercial-grade product. There are many different types of applications that can be fuzzed, many different ways they can be fuzzed, and a variety of different problems that can be uncovered. There are also problems that arise during fuzzing; when is enough enough? These issues and many others are fully explored.

  • Learn How Fuzzing Finds Vulnerabilities
  • Eliminate buffer overflows, format strings and other potential flaws
  • Find Coverage of Available Fuzzing Tools
  • Complete coverage of open source and commercial tools and their uses
  • Build Your Own Fuzzer
  • Automate the process of vulnerability research by building your own tools
  • Understand How Fuzzing Works within the Development Process
  • Learn how fuzzing serves as a quality assurance tool for your own and third-party software

In this Book

  • Introduction to Vulnerability Research
  • Fuzzing—What's That?
  • Building a Fuzzing Environment
  • Open Source Fuzzing Tools
  • Commercial Fuzzing Solutions
  • Build Your Own Fuzzer
  • Integration of Fuzzing in the Development Cycle
  • Standardization and Certification
  • What Is a File?
  • Code Coverage and Fuzzing

YOU MIGHT ALSO LIKE

Rating 4.7 of 13 users Rating 4.7 of 13 users (13)
Rating 4.6 of 1111 users Rating 4.6 of 1111 users (1111)
Rating 3.8 of 4 users Rating 3.8 of 4 users (4)