Fun With Fuzzing [Day 1]
 Jeremy Richards (dyngnosis) <richarjb gmail com> |
Thursday, June 23 2005 16:29.33 CDT |
Fun with Fuzzing
We will start with a quick definition of fuzzing and then move directly into the technical stuff.
[SNIP]
Fuzz testing is a software testing technique. The basic idea is to attach the inputs of a program to a source of random data. If the program fails (for example, by crashing, or by failing in-built code assertions), then there are defects to correct.
The great advantage of fuzz testing is that the test design is extremely simple, and free of preconceptions about system behavior.
[/SNIP]
So what does that mean? Basically you use a script to automate feeding bad commands to a server and see if it fails. In my case, I
Comments
| Posted: Wednesday, December 31 1969 18:00.00 CST | |