Part III. Vulnerability Discovery

Now that you are an expert at hacking Linux, Windows, Solaris, OS X, and Cisco, we move into the section of the book dedicated entirely to discovering vulnerabilities. We cover the most popular methods used by hackers in the real world. First things first: you must set up a working environment, a platform from which to orchestrate vulnerability discovery. In Chapter 15 we cover the tools and reference material you will need for productive and efficient vulnerability discovery. Chapter 16 introduces one of the more popular methods of automated vulnerability discovery, fault injection. A similar method of automated bug finding is detailed in Chapter 17, fuzzers.

Other forms of vulnerability discovery are just as valid as fuzzing, so they are covered as well. Discovering vulnerabilities by auditing source code matters because more and more important applications come with source code; Chapter 18 describes this method of bug hunting. Manual methods of vulnerability discovery have proven to be highly successful, so Chapter 19 goes over instrumented investigation, using tried-and-true techniques for finding security bugs manually. Chapter 20 covers vulnerability tracing, a method of tracing where input is copied as it moves through many different functions, modules, and libraries. Finally, auditing binaries in Chapter 21 rounds out this part with a comprehensive tutorial on discovering vulnerabilities when you have only a binary to work with.

Get The Shellcoder's Handbook: Discovering and Exploiting Security Holes, Second Edition now with the O’Reilly learning platform.