Dailydave mailing list archives
Fuzzing Book Review
From: Dave Aitel <dave () immunityinc com>
Date: Fri, 05 Oct 2007 16:37:52 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Here's my Amazon.com review: http://www.amazon.com/Fuzzing-Brute-Force-Vulnerability-Discovery """ In this book the authors do a number of things that are worth reading: o Document how and why SPIKE works (and implement their own block-based fuzzer sulley) o Go through the process of writing a .flv fuzzer o Go through the process of writing a Python ActiveX fuzzer, which was probably my favorite part. o Talk about the downsides of various kinds of fuzzing. For example, when is fuzzing with a genetic algorithm not the right thing to do? That alone made this a great book. """ I was chatting here with Adam about it and there's some good stuff in it completely unrelated to fuzzing that is quite useful. For example, the part on how to really use VMWare to do the exact sorts of things everyone wants to do. Anyways, so that's my book review for Friday. Next week is another book by an academic on information warfare. I'd like to play this drinking game where you drink fine Appleton rum when the author quotes either Sun Tzu or OODA loops, or both. Pretty much when you're quoting OODA loops you know you're going the wrong direction. A flowchart does not a valuable epiphany make. - -dave -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHBqCeB8JNm+PA+iURAsmOAJ0YORm2lInSeyu0PDIWYiXkiSu4IACbB2mu Cw+iNMH+5CTHPtdI8VAktyI= =qkk3 -----END PGP SIGNATURE----- _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Fuzzing Book Review Dave Aitel (Oct 05)
- Re: Fuzzing Book Review Tedi Heriyanto (Oct 06)
- Message not available
- Re: Fuzzing Book Review Peter Wood (Oct 07)
- Message not available
- Re: Fuzzing Book Review Tedi Heriyanto (Oct 06)