[fuzzing] Hey all

eugaaa eugaaa at gmail.com
Sat Mar 15 04:23:24 CDT 2008 

No proposals, however since the publishing of "Fuzzing" by Michael
Sutton it has gained a lot of momentum. Wind in it's sails, if you will.
Peachfuzz framework and subsequent conference talks. It has *slowly*
leaked into bugtraq albeit in a hard to verify way. With the progressing
pace of systems security I think pretty soon a subset of hackers will
come to rely on fuzzing and fuzzing frameworks. Thoughts?

On Sat, 2008-03-15 at 04:06 -0500, Gadi Evron wrote:
> On Sat, 15 Mar 2008, eugaaa wrote:
> > Famous last words.
> > ;-)
> 
> Going with a proposal to SANS? :)
> 
> >
> > On Sat, 2008-03-15 at 04:02 -0500, Gadi Evron wrote:
> >> On Sat, 15 Mar 2008, eugaaa wrote:
> >>> On the other hand, an official certification would mean widespread
> >>> acceptance as it would instantaneously have become an industry standard.
> >>> A distasteful but effective idea :<
> >>
> >> QA Security Engineer.
> >>
> >> If fuzzing becomes wide-spread in corporate enviroments, you could expect
> >> that. Vendors may also do that. I explored that option in my "corporate
> >> fuzzing" lecture back in 23C3.
> >>
> >> Honestly though, I don't see any widespread acceptance.
> >>
> >>
> >>>
> >>> On Sat, 2008-03-15 at 02:36 +0100, Joxean Koret wrote:
> >>>> Hi Sergio,
> >>>>
> >>>> With "research" I mean "vulnerability research". How to find
> >>>> vulnerabilities, highlight error prone vulnerable areas, etc...
> >>>>
> >>>> I'm not a certifications fan so don't consider it a cert's defense, just
> >>>> my opinion regarding "certification in fuzzing".
> >>>>
> >>>> Regards,
> >>>> Joxean Koret
> >>>>
> >>>> On sáb, 2008-03-15 at 02:21 +0100, Sergio 'shadown' Alvarez wrote:
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>> "certification in research"...sweet!....what about certifications for
> >>>>> intelligence and IQ? ;)
> >>>>>
> >>>> _______________________________________________
> >>>> fuzzing mailing list
> >>>> fuzzing at whitestar.linuxbox.org
> >>>> http://www.whitestar.linuxbox.org/mailman/listinfo/fuzzing
> >>>
> >>>
> >
> >

More information about the fuzzing mailing list