LEADER 05400nam  22007094a 450 
001 9910812476703321
005 20230120004951.0
010   $a1-281-14515-7
010   $a9786611145156
010   $a0-08-055561-6
035   $a(CKB)1000000000383559
035   $a(EBL)330152
035   $a(OCoLC)476128721
035   $a(SSID)ssj0000076904
035   $a(PQKBManifestationID)11107432
035   $a(PQKBTitleCode)TC0000076904
035   $a(PQKBWorkID)10038082
035   $a(PQKB)10975136
035   $a(Au-PeEL)EBL330152
035   $a(CaPaEBR)ebr10206135
035   $a(CaONFJC)MIL114515
035   $a(CaSebORM)9781597491952
035   $a(MiAaPQ)EBC330152
035   $a(OCoLC)319430072
035   $a(OCoLC)ocm319430072 
035   $a(EXLCZ)991000000000383559
100   $a20080118d2007      uy         0
101 0 $aeng
135   $aurcn|||||||||
181   $ctxt
182   $cc
183   $acr
200 00$aOpen source fuzzing tools /$fGadi Evron ... [et al.]
205   $a1st edition
210   $aBurlington, MA $cSyngress Pub.$dc2007
215   $a1 online resource (209 p.)
300   $aIncludes index.
311   $a1-59749-195-0 
327   $aFront Cover; Open Source Fuzzing Tools; Copyright Page; Contributing Authors; Contents; Chapter 1: Introduction to Vulnerability Research; Statement of Scope; Off-by-One Errors; Programming Language Use Errors; Integer Overflows; Bugs and Vulnerabilities; The Vaunted Buffer Overflow; Finding Bugs and Vulnerabilities; Source Code Review; Black Box Testing; Glass Box Testing; Chapter 2: Fuzzing-What's That?; Introduction; Introduction to Fuzzing; Milestones in Fuzzing; Fuzzing Technology; Traffic Sniffing; Prepared Template; Second-Generation Fuzzing; File Fuzzing; Host-side Monitoring
327   $aVulnerability Scanners as Fuzzers Uses of Fuzzing; Open Source Fuzzers; Commercial-Grade Fuzzers; What Comes Next; The Software Development Life Cycle; Chapter 3: Building a Fuzzing Environment; Introduction; Knowing What to Ask...; Basic Tools and Setup; Data Points; Crash Dumps; Fuzzer Output; Debuggers; Recon Tools; Linux; OSX; Summary; Chapter 4: Open Source Fuzzing Tools; Introduction; Frameworks; Special-Purpose Tools; General-Purpose Tools; Chapter 5: Commercial Fuzzing Solutions; Introduction; beSTORM (by Beyond Security); BPS-1000 (by BreakingPoint Systems); Codenomicon
327   $aMu-4000 Security Analyzer (by Mu Security)Chapter 6: Build Your Own Fuzzer; Hold Your Horses; Fuzzer Building Blocks; One or More Valid Data Sets; Understanding What Each Bytein the Data Set Means; Change the Values of the Data Sets While Maintaining the Integrity of the Data Being Sent; Recreate the Same Malformed DataSet Time and Time Again; An Arsenal of Malformed Values, or the Ability to Create a Variety of Malformed Outputs; Maintain a Form of a State Machine; Summarize; Down to Business; Simplest Fuzz Testing Find Issues; Chapter 7: Integration of Fuzzing in the Development Cycle
327   $aIntroduction Why Is Fuzzing Important to Include in a Software Development Cycle?; Security Testing Workload; Setting Expectations for Fuzzers in a Software Development Lifecycle; Fuzzing as a Panacea; Fuzzing Tools versus ...; Setting the Plan for Implementing Fuzzers into a Software Development Lifecycle; Setting Goals; Building and Executing on the Plan; Understanding How to Increase Effectiveness of Fuzzers, and Avoiding Any Big Gotchas; Hidden Costs; Finding More Vulnerabilities; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 8: Standardization and Certification
327   $aFuzzing and the Corporate Environment Software Security Testing, the Challenges; Testing for Security; Fuzzing as a Viable Option; Business Pressure; Software Security Certification; Meeting Standards and Compliance; Tester Certification; Industry Pressure; Antivirus Product Testing and Certification; Chapter 9: What Is a File?; Introduction; Are File Fuzzers Special?; Analyzing and Building Files; Textual Files; Binary Files; Running the Test; Monitoring the Application with the Test Cases; Chapter 10: Code Coverage and Fuzzing; Introduction; Code Coverage; Obtaining Code Coverage
327   $aInstrumenting the Binary
330   $aA ""fuzzer"" is a program that attempts to discover security vulnerabilities by sending random data to an application. If that application crashes, then it has defects to correct. Security professionals and web developers can use fuzzing for software testing--checking their own programs for problems--before hackers do it!  Open Source Fuzzing Tools is the first book to market that covers the subject of black box testing using fuzzing techniques. Fuzzing has been around for a while, but is making a transition from hacker home-grown tool to commercial-grade quality assurance
606   $aComputer software$xTesting
606   $aOpen source software
606   $aDebugging in computer science
615  0$aComputer software$xTesting.
615  0$aOpen source software.
615  0$aDebugging in computer science.
676   $a005.14
676   $a005.8
676   $a005.14
701   $aEvron$b Gadi$01711910
801  0$bMiAaPQ
801  1$bMiAaPQ
801  2$bMiAaPQ
906   $aBOOK
912   $a9910812476703321
996   $aOpen source fuzzing tools$94103588
997   $aUNINA