Open Source Fuzzing Tools
| By: | Rathaus, Noam; Evron, Gadi |
| Publisher: | Elsevier S & T |
| Print ISBN: | 9781597491952 |
| eText ISBN: | 9780080555614 |
| Edition: | 0 |
| Format: | Page Fidelity |
eBook Features
Instant Access
Purchase and read your book immediately
Read Offline
Access your eTextbook anytime and anywhere
Study Tools
Built-in study tools like highlights and more
Read Aloud
Listen and follow along as Bookshelf reads to you
Fuzzing is often described as a “black box” software testing technique. It works by automatically feeding a program multiple input iterations in an attempt to trigger an internal error indicative of a bug, and potentially crash it. Such program errors and crashes are indicative of the existence of a security vulnerability, which can later be researched and fixed.
Fuzz testing is now making a transition from a hacker-grown tool to a commercial-grade product. There are many different types of applications that can be fuzzed, many different ways they can be fuzzed, and a variety of different problems that can be uncovered. There are also problems that arise during fuzzing; when is enough enough? These issues and many others are fully explored.
* Fuzzing is a fast-growing field with increasing commercial interest (7 vendors unveiled fuzzing products last year).
* Vendors today are looking for solutions to the ever increasing threat of vulnerabilities. Fuzzing looks for these vulnerabilities automatically, before they are known, and eliminates them before release.
* Software developers face an increasing demand to produce secure applications---and they are looking for any information to help them do that.