The many faces of fuzzing
Session: Security testing and validation, Wed., Sep. 16, 14:45 - 15:15
Fuzzing techniques have been in use for many years as a method to find application bugs. The fuzzing concept has evolved from single random input generation tools to large and complex vulnerability discovery platforms. Nowadays, fuzzing is a fundamental method for security testing of applications, network protocols and structured data parsers. However, due to its own shortcomings, fuzzing methodology is still subject to active research by specialists in the security and testing communities.
Due to many variations of fuzzing, it is important to know which approach is best to use for a specific target. In my talk, I will discuss various approaches together with their strengths and weaknesses.