Fuzzing_模糊测试--强制性安全漏洞发掘
含糊测试的概念至少现已撒播了20年,但是直到最近才引起广泛的关注。安全漏洞困惑了很多盛行的客户端使用程序,包括Microsoft的InternetExplorer、Word和Excel,它们中的很多漏洞在2006年通过含糊测试技术被发现。含糊测试技术的有效使用产生了很多新的工具和日益广泛的影响。本书是第一部揭露发表的关于这一主题的专著,这一为难现实一起也预示着将来大家将会对含糊测试有更稠密的爱好。多年来,我们参加了很多相关安全漏洞的研究工作,并且在日常工作中使用了各种不同的含糊测试技术,从不成熟的、借助个人嗜好的项目到高端的商业产品,都用到过含糊测试。每一位作者都曾参加开发过自用版本的和揭露发行版本的含糊器。这本书凝聚了我们以往的实践经验和正在进行的研究项目所花费的汗水,我们希望读者可以从中获益。Fuzzing_含糊测试--强制性安全漏洞开掘.doc
(The concept of ambiguity testing has been around for at least 20 years, but it has only recently attracted widespread attention. Security flaws have baffled many popular client applications, including Microsoft's Internet Explorer, Word and Excel, many of which were discovered in 2006 through fuzz testing techniques. The effective use of ambiguity testing techniques has resulted in many new tools and an increasingly widespread impact. This book is the first openly published monograph on the subject, and this embarrassing reality also heralds a more intensive interest in fuzz testing in the future. Over the years, we have participated in many researches related to security vulnerabilities, and have used various ambiguity testing techniques in our daily work, from immature, personal hobby projects to high-end commercial products. test. Each of the authors has participated in the development of fuzzers for private use and public distribution. This book is the result of our previous practical experience and the sweat of our ongoing research projects, and we hope that readers will benefit from it.
Fuzzing_Fuzzy Testing--Mandatory Security Vulnerability Discovery.doc)
页:
[1]