Undergoing MyBlogLog Verification

Friday, March 21, 2008

Open Source Fuzzing Tools

A "fuzzer" is a program that attempts to discover security
vulnerabilities by sending random

data to an application. If that application crashes, then it has
deffects to correct. Security

professionals and web developers can use fuzzing for software
testing–checking their own

programs for problems–before hackers do it!

Open Source Fuzzing Tools is the first book to market that covers the
subject of black box

testing using fuzzing techniques. Fuzzing has been around fow a while,
but is making a transition

from hacker home-grown tool to commercial-grade quality assurance
product. Using fuzzing,

developers can find and eliminate buffer overflows and other software
vulnerabilities during the

development process and before release.

* Fuzzing is a fast-growing field with increasing commercial interest (7
vendors unveiled fuzzing

products last year).

* Vendors today are looking for solutions to the ever increasing threat
of vulnerabilities. Fuzzing

looks for these vulnerabilities automatically, before they are known,
and eliminates them before


* Software developers face an incresing demand to produce secure
applications—and they are

looking for any information to help them do that.



No comments: