[Owasp-singapore] Fuzzing - who knows how to do fuzzing and have done it before

Pishu.Mahtani at ASIA.ING.com Pishu.Mahtani at ASIA.ING.com
Mon Apr 5 03:59:28 EDT 2010

Well Onn Chee, I don't know what will you ask next but using GPF or General Purpose Fuzzer would do the job(cheap & value-added) that is to find those bugs but since it doesn't "talk" to the debugger directly that is monitoring the target proves to be one of the disadvantages.

A good resource to refer to which I recommend would be "Fuzzing: Brute Force Vulnerability Discovery".


-----Original Message-----
From: owasp-singapore-bounces at lists.owasp.org [mailto:owasp-singapore-bounces at lists.owasp.org] On Behalf Of Wong Onn Chee
Sent: Monday, April 05, 2010 3:20 PM
To: SIG - OWASP Singapore @MailingList; SIG - OWASP Singapore @MailingList
Subject: [Owasp-singapore] Fuzzing - who knows how to do fuzzing and have done it before


Just a show of hands - how many of you know and had performed fuzzing

Onn Chee

Owasp-singapore mailing list
Owasp-singapore at lists.owasp.org

The information in this Internet email is confidential and may be legally
privileged. It is intended solely for the addressee. Access to this Internet
email by anyone else is unauthorised. 

If you are not the intended recipient, any disclosure, copying, distribution
or any action taken or omitted to be taken in reliance on it, is prohibited
and may be unlawful. When addressed to our clients any opinions or advice
contained in this Internet email are subject to the terms and conditions
expressed in any applicable governing ING's terms of business or
client engagement letter.

Visit us at www.ing.com

More information about the Owasp-singapore mailing list