[fuzzing] I have a dream
Joshua Morin
morin.josh at gmail.com
Thu Mar 29 11:02:37 CDT 2007
HAHA, I wish I had a staple gun.
On 3/29/07, nnp <version5 at gmail.com> wrote:
>
> On 3/29/07, disco jonny <discojonny at gmail.com> wrote:
> > nothing productive to add. but hey ho - i might be able to start an
> > argument or something.
> >
> > On 29/03/07, nnp <version5 at gmail.com> wrote:
> > > On an unrelated note, does anyone know if Gadi's and Jared's books are
> > > taking the 'here are the tools and here are how they work' approach or
> > > more 'here's the theory behind fuzzing and here's how to construct
> > > your own' approach?
> >
> > This is just a guess
> > Gadi - These are the tools, This is why people use them - Here is some
> > stuff about why you should do this.
> > Jared - (im really hoping on this one) Technical details of metrics
> > that can be used, Advanced debugging, Automated Debugging and some
> > code coverage
> >
> I'd love to see some good stuff on metrics. Some other stuff that
> would be cool to hear about could be:
>
> - Monitoring the application being fuzzed. Not sure about everyone
> else but personally I used some ungodly collection of bash scripts
> that I end up rewriting every time i go to test a new genre of
> application.... its about as fun as it sounds ;)
> - Intelligent fuzzing .... not in the traditional protocol aware
> fuzzer sense but perhaps bringing in some AI techniques to allow
> fuzzers to learn as they fuzz, allowing them to focus on more
> promising branches while ignoring dead ends.
> - Combining fuzzers with other techniques like symbolic parsing and
> static analysis.
>
> Is it my imagination or is today a really lazy day for everyone? Don't
> think I've ever seen so many responses to a single thread in such a
> short period. Lazy gits :P
>
> </offTopic>
>
> > for the first one, Jared for a bit of both. :)
> >
> > If either one of you two document the history or entomology of fuzzing
> > i will personally hunt you down and kill you.
>
> Long and drawn out explanations of the origin of the word 'Fuzzing'
> will be similarly punished ;)
>
> > anyone fancy some more idle disco speculation? name a subject or a
> > question and i will speculate an answer! (well for the next 45mins) -
> > or a fight, im always up for a fight.
>
> 5 mins, me, you, in the car park. Bring your staple gun.
>
> > _______________________________________________
> > fuzzing mailing list
> > fuzzing at whitestar.linuxbox.org
> > http://www.whitestar.linuxbox.org/mailman/listinfo/fuzzing
> >
>
>
> --
> http://www.smashthestack.org
> http://www.mastersofthewang.com
> _______________________________________________
> fuzzing mailing list
> fuzzing at whitestar.linuxbox.org
> http://www.whitestar.linuxbox.org/mailman/listinfo/fuzzing
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.whitestar.linuxbox.org/pipermail/fuzzing/attachments/20070329/6e661a90/attachment.htm
More information about the fuzzing
mailing list