Open Source Fuzzing Tools
Fuzzing is often described as a “black box software testing technique. It works by automatically feeding a program multiple input iterations in an attempt to trigger an internal error indicative of a bug, and potentially crash it. Such program errors and crashes are indicative of the existence of a security vulnerability, which can later be researched and fixed.
Fuzz testing is now making a transition from a hacker-grown tool to a commercial-grade product. There are many different types of applications that can be fuzzed, many different ways they can be fuzzed, and a variety of different problems that can be uncovered. There are also problems that arise during fuzzing; when is enough enough? These issues and many others are fully explored.
What people are saying - Write a review
We haven't found any reviews in the usual places.
9f af bf analysis analyze application automated beSTORM bf cf df binary files black box testing buffer overflows build bytes cause cf df ff client code coverage code coverage information code paths Codenomicon crash dump create data set debugger detect DWORD errors example executed exploit Figure file format file fuzzer file fuzzing flaws Format String Freeciv function fuzz testing fuzzer fuzzing framework fuzzing tools header implementation input integer overflows Ïßÿ iterations lcov Linux load malformed data malformed values malicious manipulation Microsoft monitoring mutation network protocol Off-by-One Errors open source operating system packet PaiMei parser parsing path coverage problem requires run the fuzzer running fuzzers script security testing server simple Software Development Lifecycle software testing software vendors Solutions source code specific SPIKE stack structure target techniques template tester traffic types understand Unicode unmaintained valid vulnerabilities WinDbg Wireshark