|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Dailydave] Does Fuzzing really work?
From: ergosum (ergosum
neurosecurity.com)
Date: Tue Sep 26 2006 - 18:36:38 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi all,
I'm with Halvar here, it's not only a permutation of commands, but more
things are to be evaluated, possible combination of commands, that includes 2
by 2, 3 by 3, etc. Not only that, but possible payloads and timings to try to
uncover race conditions, etc. Much more than 12! as Halvar points out.
Can someone send some interesting papers on fuzzing strategies? (Apart from
the ones from Dave which all of us know :) ). I would like to link this with
the thread about "Unknown Application Protocol Analysis", is there any
prototype that uses both concepts? Automatic protocol discovery an
subsequently fuzzing of it?
Cheers
--
"We must be the change we wish to see in the world"
Mahatma Gandhi
_______________________________________________
Dailydave mailing list
Dailydavelists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]