Open Source Fuzzing Tools
- 2h 55m
- Gadi Evron, et al.
- Elsevier Science and Technology Books, Inc.
- 2007
Fuzzing is often described as a black box software testing technique. It works by automatically feeding a program multiple input iterations in an attempt to trigger an internal error indicative of a bug, and potentially crash it. Such program errors and crashes are indicative of the existence of a security vulnerability, which can later be researched and fixed.
Fuzz testing is now making a transition from a hacker-grown tool to a commercial-grade product. There are many different types of applications that can be fuzzed, many different ways they can be fuzzed, and a variety of different problems that can be uncovered. There are also problems that arise during fuzzing; when is enough enough? These issues and many others are fully explored.
- Learn How Fuzzing Finds Vulnerabilities
- Eliminate buffer overflows, format strings and other potential flaws
- Find Coverage of Available Fuzzing Tools
- Complete coverage of open source and commercial tools and their uses
- Build Your Own Fuzzer
- Automate the process of vulnerability research by building your own tools
- Understand How Fuzzing Works within the Development Process
- Learn how fuzzing serves as a quality assurance tool for your own and third-party software
In this Book
-
Introduction to Vulnerability Research
-
Fuzzing—What's That?
-
Building a Fuzzing Environment
-
Open Source Fuzzing Tools
-
Commercial Fuzzing Solutions
-
Build Your Own Fuzzer
-
Integration of Fuzzing in the Development Cycle
-
Standardization and Certification
-
What Is a File?
-
Code Coverage and Fuzzing