Comments on: Fuzzing for Software Security Testing and Quality Assurance http://qalibrary.com/testing/sectest/fuzzing-for-software-security-testing-and-quality-assurance/ Resources for Quality Assurance Tue, 17 Aug 2010 00:23:24 -0700 http://wordpress.org/?v=2.8.6 hourly 1 By: User 1138 http://qalibrary.com/testing/sectest/fuzzing-for-software-security-testing-and-quality-assurance/comment-page-1/#comment-364 User 1138 Thu, 11 Feb 2010 16:18:13 +0000 http://qalibrary.com/testing/sectest/fuzzing-for-software-security-testing-and-quality-assurance/#comment-364 The introduction to this book mentions its broken up history, being picked up and abandoned a couple times. It definitely shows in the writing, which is unfocused, choppy, and repetitive. Most of the first half is taken up with repetitive descriptions of the general software testing process. The second half contains a summary of one author's thesis on using evolutionary algorithms for fuzzing and the final author's use of various fuzzing tools to try to find hand-inserted vulnerabilities. While the latter half is better than the first, each topic is worthy of a single blog post. Given this book's price and the authors' reputations, I expected more. <br /> <br />At the same time, I read "Gray Hat Python" and it was enjoyable. Even though it had a much broader focus on other topics, it contained more hands-on info on fuzzing tools. I'm also interested in "Fuzzing: Brute Force Vulnerability Discovery", although I have not read it yet. <br /> <br />Don't waste your time on this book. Download the Sulley manual, read the slides from a few Blackhat talks, and you'll be at the state of the art for current fuzzing knowledge. Rating: 1 / 5 The introduction to this book mentions its broken up history, being picked up and abandoned a couple times. It definitely shows in the writing, which is unfocused, choppy, and repetitive. Most of the first half is taken up with repetitive descriptions of the general software testing process. The second half contains a summary of one author’s thesis on using evolutionary algorithms for fuzzing and the final author’s use of various fuzzing tools to try to find hand-inserted vulnerabilities. While the latter half is better than the first, each topic is worthy of a single blog post. Given this book’s price and the authors’ reputations, I expected more.

At the same time, I read “Gray Hat Python” and it was enjoyable. Even though it had a much broader focus on other topics, it contained more hands-on info on fuzzing tools. I’m also interested in “Fuzzing: Brute Force Vulnerability Discovery”, although I have not read it yet.

Don’t waste your time on this book. Download the Sulley manual, read the slides from a few Blackhat talks, and you’ll be at the state of the art for current fuzzing knowledge.
Rating: 1 / 5

]]> By: Robert Hudock http://qalibrary.com/testing/sectest/fuzzing-for-software-security-testing-and-quality-assurance/comment-page-1/#comment-363 Robert Hudock Thu, 11 Feb 2010 15:04:09 +0000 http://qalibrary.com/testing/sectest/fuzzing-for-software-security-testing-and-quality-assurance/#comment-363 Fuzzing generally involves testing the parameters of an application using random or specifically formatted randomized input to evaluate whether a given application crashes and/ or can be exploited. At least two of the authors have worked at the National Security Agency. Dr. Charlie Miller is well known for publishing an interesting article on the economics of the black market trading of security vulnerabilities (avaliable at weis2007.econinfosec.org/papers/29.pdf). Dr. Miller demonstrated the utility of the procedures discussed in this book at BlackHat 2008. This book provides insight into an area of research that is not usually publicly avaliable. The book details a number of open-source and commercially avaliable fuzzers and their relative reliability in finding bugs. Fuzzers are one of the most reliable methods for finding vulnerabilities in closed source programs. The book is conceptually accessible to an individual with some knowledge of secure programming and vulnerabilities. Rating: 5 / 5 Fuzzing generally involves testing the parameters of an application using random or specifically formatted randomized input to evaluate whether a given application crashes and/ or can be exploited. At least two of the authors have worked at the National Security Agency. Dr. Charlie Miller is well known for publishing an interesting article on the economics of the black market trading of security vulnerabilities (avaliable at weis2007.econinfosec.org/papers/29.pdf). Dr. Miller demonstrated the utility of the procedures discussed in this book at BlackHat 2008. This book provides insight into an area of research that is not usually publicly avaliable. The book details a number of open-source and commercially avaliable fuzzers and their relative reliability in finding bugs. Fuzzers are one of the most reliable methods for finding vulnerabilities in closed source programs. The book is conceptually accessible to an individual with some knowledge of secure programming and vulnerabilities.
Rating: 5 / 5

]]>