Open Source Fuzzing Tools

The first book on fuzzing, a fast-growing field with increasing commercial interest

Noam Rathaus (Author), Gadi Evron (Author)

9781597491952, Elsevier Science

Paperback / softback, published 20 December 2007

210 pages
23.5 x 19 x 1.5 cm, 0.39 kg

Fuzzing is often described as a “black box? software testing technique. It works by automatically feeding a program multiple input iterations in an attempt to trigger an internal error indicative of a bug, and potentially crash it. Such program errors and crashes are indicative of the existence of a security vulnerability, which can later be researched and fixed.

Fuzz testing is now making a transition from a hacker-grown tool to a commercial-grade product. There are many different types of applications that can be fuzzed, many different ways they can be fuzzed, and a variety of different problems that can be uncovered. There are also problems that arise during fuzzing; when is enough enough? These issues and many others are fully explored.

Introduction to Software Testing
Introduction to Vulnerability Research
Fuzzing, what's that?
A Bit of History
Basic Fuzzing Techniques
Advanced Fuzzing Methodologies and Technologies
Open Source Solutions
Commercial Solutions
Build Your Own Fuzzer
Integration of Fuzzing in the Development Cycle
Testing Third-party Software
Certification and Regulation

Subject Areas: Computer security [UR]