Dimensions
177 x 233 x 28mm
Fuzzing (or Fuzz Testing) is a software testing technique. The basic idea is to attach the inputs of a program to a source of random data ("fuzz"). If the program fails (for example, by crashing, or by failing built-in code assertions), then there are defects to correct. The great advantage of fuzzing is that the test design is extremely simple, and free of preconceptions about system behavior. Hackers have used fuzzing for many years to crack software and systems. Now that the technique has grown up and become more sophisticated, it's time for security professionals and developers to add it to their security toolbox.
Fuzzing will be a guide to this popular black box method for exploiting software weaknesses. The book will introduce fuzzing; review fuzzing techniques used to find vulnerabilities in network protocols, file formats, and web applications; demonstrate use of automated fuzzing tools, and present interesting case histories in fuzzing. The book will also show readers how to create their own custom fuzzing tools. Armed with this book, security engineers and developers alike can find and patch vulnerabilities before hackers get a chance to exploit them. It will bring order and discipline to a previously crucial but undisciplined topic.
