Jump to content
Nytro

In-Memory Fuzzing in JAVA

By Nytro, in Tutoriale in engleza

Recommended Posts

Nytro Mentor

Nytro

Posted
Posted

In-Memory Fuzzing in JAVA

SWISS ETHICAL HACKING

©2012 High-Tech Bridge SA – www.htbridge.com

In-Memory Fuzzing in JAVA

2012.12.17 Xavier ROUSSEL

I. What is Fuzzing?
Introduction
Fuzzing process
Targets
Inputs vectors
Data generation
Target monitoring
Advantages and drawbacks

II. In Memory Fuzzing
Why use in-memory Fuzzing?
Principle
Data injection example
Building in-memory Fuzzer
Creating loop in memory
Advantages and drawbacks

III. DbgHelp4J
Presentation
Key features
Example
Implementing in-memory Fuzzer

IV. Real case study
EasyFTP 1.7.0.11

I. What is fuzzing?

Introduction

- OWASP definition :

“Fuzz testing or Fuzzing is a Black Box software testing technique, which basically consists in finding implementation bugs using malformed/semi-malformed data injection in an automated fashion.“

- Alternative to code review mainly used in white box testing.

- Due to automated tests, fuzzing allows us to assess a software against a huge set of test cases in a few time.

- Especially useful to test common applications implementations like FTP server or HTTP server.

Download:

www.exploit-db.com/download_pdf/23570

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...