Fuzzing: Brute Force Vulnerability Discovery
by Michael Sutton; Adam Greene; Pedram Amini
The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws
by Dafydd Stuttard; Marcus Pinto
Website Optimization
by Andrew B. King
Test Driven Development: By Example
by Kent Beck
Head First Networking
by Al Anderson; Ryan Benedetti
Java Power Tools
by John Ferguson Smart
Fuzzing is often described as a "black box" software testing
technique. It works by automatically feeding a program multiple
input iterations in an attempt to trigger an internal error
indicative of a bug, and potentially crash it. Such program errors
and crashes are indicative of the existence of a security
vulnerability, which can later be researched and fixed.
Fuzz testing is now making a transition from a hacker-grown tool to
a commercial-grade product. There are many different types of
applications that can be fuzzed, many different ways they can be
fuzzed, and a variety of different problems that can be uncovered.
There are also problems that arise during fuzzing; when is enough
enough? These issues and many others are fully explored.
• Learn How Fuzzing Finds Vulnerabilities
  Eliminate buffer overflows, format strings and other potential flaws
• Find Coverage of Available Fuzzing Tools
  Complete coverage of open source and commercial tools and their uses
• Build Your Own Fuzzer
  Automate the process of vulnerability research by building your own tools
• Understand How Fuzzing Works within the Development Process
  Learn how fuzzing serves as a quality assurance tool for your own and third-party software
Top Level Categories:
Software Engineering
Sub-Categories:
Software Engineering > Testing and Debugging