This weekend I finished the Syngress Publishing book Open Source Fuzzing Tools. The book didn't take long. Part of the reason is that there really isn't a ton of technical information in the book to hold up the reader in lab exercise. It's not completely devoid of detailed fuzzer usage, but it's not wall to wall "let's go break some software" either. Read the rest of this entry »
Fuzzing: Brute Force Vulnerability Disclosure takes you to the edge of Application Testingville and kicks you 30ft outside city limits. The methods used to vulnerability test software in an automated way have never been so clearly conveyed. This book becomes family for anyone stalking the elusive 0-day. Like a second cousin really, but still you hold it near and dear. Read more...
Today on bugtraq Michal Zalewski , a noted security researcher who pounds out some pretty cool tools, posted a new fuzzer for the C language. Bunny the Fuzzer is available through Google Code.
So, if you know me personally, you know that lately I've been pretty drawn to fuzzing and Read the rest of this entry »
