Test your software security with these powerful fuzzing frameworks
Source: Addison Wesley Professional
The concept of fuzzing to test software security has been around for almost twenty years but only recently captured widespread attention. In 2006, a plague of vulnerabilities affected popular apps like Microsoft Internet Explorer, Microsoft Word, and Microsoft Excel, and many of these vulnerabilities were discovered through fuzzing.
In this chapter download from Fuzzing: Brute Force Vulnerability Discovery, explore a number of open-source fuzzing frameworks available today, including SPIKE, Audodafe, and GPF. After investigating existing technologies, discover why, in spite of the power supplied by many general-purpose fuzzing frameworks, it is still sometimes necessary to create a fuzzer from scratch. Then, study the development of a solution to a real-world fuzzing problem. Finally, investigate a brand-new fuzzing framework developed by the authors.
Title: Fuzzing: Brute Force Vulnerability Discovery
Published: June 2007
Authors: Michael Sutton, Adam Greene, Pedram Amini
Chapter: Chapter 21: Fuzzing Frameworks
Published by Addison Wesley Professional