[fuzzing] I have a dream
morin.josh at gmail.com
Thu Mar 29 11:02:37 CDT 2007
HAHA, I wish I had a staple gun.
On 3/29/07, nnp <version5 at gmail.com> wrote:
> On 3/29/07, disco jonny <discojonny at gmail.com> wrote:
> > nothing productive to add. but hey ho - i might be able to start an
> > argument or something.
> > On 29/03/07, nnp <version5 at gmail.com> wrote:
> > > On an unrelated note, does anyone know if Gadi's and Jared's books are
> > > taking the 'here are the tools and here are how they work' approach or
> > > more 'here's the theory behind fuzzing and here's how to construct
> > > your own' approach?
> > This is just a guess
> > Gadi - These are the tools, This is why people use them - Here is some
> > stuff about why you should do this.
> > Jared - (im really hoping on this one) Technical details of metrics
> > that can be used, Advanced debugging, Automated Debugging and some
> > code coverage
> I'd love to see some good stuff on metrics. Some other stuff that
> would be cool to hear about could be:
> - Monitoring the application being fuzzed. Not sure about everyone
> else but personally I used some ungodly collection of bash scripts
> that I end up rewriting every time i go to test a new genre of
> application.... its about as fun as it sounds ;)
> - Intelligent fuzzing .... not in the traditional protocol aware
> fuzzer sense but perhaps bringing in some AI techniques to allow
> fuzzers to learn as they fuzz, allowing them to focus on more
> promising branches while ignoring dead ends.
> - Combining fuzzers with other techniques like symbolic parsing and
> static analysis.
> Is it my imagination or is today a really lazy day for everyone? Don't
> think I've ever seen so many responses to a single thread in such a
> short period. Lazy gits :P
> > for the first one, Jared for a bit of both. :)
> > If either one of you two document the history or entomology of fuzzing
> > i will personally hunt you down and kill you.
> Long and drawn out explanations of the origin of the word 'Fuzzing'
> will be similarly punished ;)
> > anyone fancy some more idle disco speculation? name a subject or a
> > question and i will speculate an answer! (well for the next 45mins) -
> > or a fight, im always up for a fight.
> 5 mins, me, you, in the car park. Bring your staple gun.
> > _______________________________________________
> > fuzzing mailing list
> > fuzzing at whitestar.linuxbox.org
> > http://www.whitestar.linuxbox.org/mailman/listinfo/fuzzing
> fuzzing mailing list
> fuzzing at whitestar.linuxbox.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the fuzzing