Fuzzing – Brute Force Vulnerability Discovery….

July 23, 2010

Fuzzing is a method for discovering faults in software by providing unexpected input and monitoring for exceptions. It is typically an automated or semiautomated process that involves repeatedly manipulating and supplying data to target software for processing . All fuzzers fall into one of two categories: mutation-based fuzzers, which apply mutations on existing data samples to create test cases , and generation-based fuzzers, which create test cases from scratch by modelling the target protocol or file format.

Most fuzzer developers will find themselves creating tools from scratch as evident in the abundance of fuzzer script already available for public consumption. Fortunately , many tools and libraries can help you during the design and implementation phase of your fuzzer. These are the tools and libraries:-

1. Ethereal/Wireshark.



4. Metro Packet Library.

5. PTrace.

6. Python Extensions.

Fuzzing has evolved into one of today’s most effective approaches to test software security. To “fuzz”, you attach a program’s input to a source of random data , and then systematically identify the failure that arise. Hackers have relied on fuzzing for years.

If you all wanna know other tools that we can use to fuzzing , here’s are the website link:-



Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: