21. Fuzzing Frameworks
“There’s an old saying in Tennessee—I know it’s in Texas, probably in Tennessee—that says, fool me once, shame on—shame on you. Fool me—you can’t get fooled again.”
—George W. Bush, Nashville, TN, September 17, 2002
There are a number of available specialized fuzzing utilities which target many common and documented network protocols and file formats. These fuzzers exhaustively iterate through a designated protocol and can be used across the board to stress test a variety of applications that support that protocol. For instance, the same specialized SMTP fuzzer could be used against a variety of e-mail transfer programs such as Microsoft Exchange, Sendmail, qmail, etc. Other “dumb” fuzzers take a more generic ...
Get Fuzzing: Brute Force Vulnerability Discovery now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
