Test your software security with these powerful fuzzing frameworks

The concept of fuzzing to test software security has been around for almost twenty years but only recently captured widespread attention. In 2006, a plague of vulnerabilities affected popular apps like Microsoft Internet Explorer, Microsoft Word, and Microsoft Excel, and many of these vulnerabilities were discovered through fuzzing.

In this chapter download from Fuzzing: Brute Force Vulnerability Discovery, explore a number of open-source fuzzing frameworks available today, including SPIKE, Audodafe, and GPF. After investigating existing technologies, discover why, in spite of the power supplied by many general-purpose fuzzing frameworks, it is still sometimes necessary to create a fuzzer from scratch. Then, study the development of a solution to a real-world fuzzing problem. Finally, investigate a brand-new fuzzing framework developed by the authors.

Title: Fuzzing: Brute Force Vulnerability Discovery
ISBN: 0-321-44611-9
Published: June 2007
Authors: Michael Sutton, Adam Greene, Pedram Amini
Chapter: Chapter 21: Fuzzing Frameworks
Published by Addison Wesley Professional