Fuzzing: Brute Force Vulnerability Discovery

Valutazione media 3,83
( su 42 valutazioni fornite da Goodreads )
 
9780321446114: Fuzzing: Brute Force Vulnerability Discovery

FUZZING

Master One of Today’s Most Powerful Techniques for Revealing Security Flaws!

Fuzzing has evolved into one of today’s most effective approaches to test software security. To “fuzz,” you attach a program’s inputs to a source of random data, and then systematically identify the failures that arise. Hackers have

relied on fuzzing for years: Now, it’s your turn. In this book, renowned fuzzing experts show you how to use fuzzing to reveal weaknesses in your software before someone else does.

 

Fuzzing is the first and only book to cover fuzzing from start to finish, bringing disciplined best practices to a technique that has traditionally been implemented informally. The authors begin by reviewing how fuzzing works and outlining its crucial advantages over other security testing methods. Next, they introduce state-of-the-art fuzzing techniques for finding vulnerabilities in network protocols, file formats, and web applications; demonstrate the use of automated fuzzing tools; and present several insightful case histories showing fuzzing at work. Coverage includes:

 

· Why fuzzing simplifies test design and catches flaws other methods miss

· The fuzzing process: from identifying inputs to assessing “exploitability”

· Understanding the requirements for effective fuzzing

· Comparing mutation-based and generation-based fuzzers

· Using and automating environment variable and argument fuzzing

· Mastering in-memory fuzzing techniques

· Constructing custom fuzzing frameworks and tools

· Implementing intelligent fault detection

 

Attackers are already using fuzzing. You should, too. Whether you’re a developer, security engineer, tester, or QA specialist, this book teaches you how to build secure software.

 

Foreword     xix

Preface        xxi

Acknowledgments  xxv

About the Author   xxvii

P ARTI         B ACKGROUND     1

Chapter 1    Vulnerability Discovery Methodologies  3

Chapter 2    What Is Fuzzing?   21

Chapter 3    Fuzzing Methods and Fuzzer Types     33

Chapter 4    Data Representation and Analysis        45

Chapter 5    Requirements for Effective Fuzzing      61

P ART II      T ARGETS AND A UTOMATION          71

Chapter 6    Automation and Data Generation        73

Chapter 7    Environment Variable and Argument Fuzzing 89

Chapter 8    Environment Variable and Argument Fuzzing: Automation 103

Chapter 9    Web Application and Server Fuzzing     113

Chapter 10  Web Application and Server Fuzzing: Automation    137

Chapter 11  File Format Fuzzing         169

Chapter 12  File Format Fuzzing: Automation on UNIX     181

Chapter 13  File Format Fuzzing: Automation on Windows         197

Chapter 14  Network Protocol Fuzzing         223

Chapter 15  Network Protocol Fuzzing: Automation on UNIX     235

Chapter 16  Network Protocol Fuzzing: Automation on Windows         249

Chapter 17  Web Browser Fuzzing      267

Chapter 18  Web Browser Fuzzing: Automation     283

Chapter 19  In-Memory Fuzzing         301

Chapter 20  In-Memory Fuzzing: Automation         315

P ART III    A DVANCED F UZZING T ECHNOLOGIES      349

Chapter 21  Fuzzing Frameworks       351

Chapter 22  Automated Protocol Dissection  419

Chapter 23  Fuzzer Tracking     437

Chapter 24  Intelligent Fault Detection 471

P ART IV     L OOKING F ORWARD    495

Chapter 25  Lessons Learned    497

Chapter 26  Looking Forward    507

Index 519

 

 

Le informazioni nella sezione "Riassunto" possono far riferimento a edizioni diverse di questo titolo.

About the Author:

M ICHAEL S UTTON

Michael Sutton is the Security Evangelist for SPI Dynamics. As Security Evangelist, Michael is responsible for identifying, researching, and presenting on emerging issues in the web application security industry. He is a frequent speaker at major information security conferences, has authored numerous articles, and is regularly quoted in the media on various information security topics.Michael is also a member of the Web Application Security Consortium (WASC), where he is project lead for the Web Application Security Statistics project.

Prior to joining SPI Dynamics,Michael was a Director for iDefense/VeriSign, where he headed iDefense Labs, a team of world class researchers tasked with discovering and researching security vulnerabilities.Michael also established the Information Systems Assurance and Advisory Services (ISAAS) practice for Ernst & Young in Bermuda. He holds degrees from the University of Alberta and The George Washington University. Michael is a proud Canadian who understands that hockey is a religion and not a sport. Outside of the office, he is a Sergeant with the Fairfax Volunteer Fire Department.

 

A DAM G REENE

Adam Greene is an engineer for a large financial news company based in New York City. Previously, he served as an engineer for iDefense, an intelligence company located in Reston, VA. His interests in computer security lie mainly in reliable exploitation methods, fuzzing, and UNIX-based system auditing and exploit development.

 

P EDRAM A MINI

Pedram Amini currently leads the security research and product security assessment team at TippingPoint. Previously, he was the assistant director and one of the founding members of iDefense Labs. Despite the fancy titles, he spends much of his time in the shoes of a reverse engineer–developing automation tools, plug-ins, and scripts. His most recent projects (a.k.a. “babies”) include the PaiMei reverse engineering framework and the Sulley fuzzing framework.

In conjunction with his passion, Pedram launched OpenRCE.org, a community website dedicated to the art and science of reverse engineering. He has presented at RECon, BlackHat, DefCon, ShmooCon, and ToorCon and taught numerous sold out reverse engineering courses. Pedram holds a computer science degree from Tulane University.

 

Excerpt. © Reprinted by permission. All rights reserved.:

Preface

Preface

"I know the human being and fish can coexist peacefully."
- George W. Bush, Saginaw, Mich., Sept. 29, 2000

Introduction

The concept of fuzzing has been around for almost two decades but has only recently captured widespread attention. In 2006, we saw a plague of new vulnerabilities emerge that affected popular client-side applications including Microsoft Internet Explorer, Microsoft Word and Microsoft Excel; a large portion of these vulnerabilities were discovered through fuzzing. As a result of fuzzing being used so successfully on these mainstream products, it has received a resurgence of attention from the security community. The sheer fact that this is the first published book dedicated to the subject matter is an additional indicator that there is an increasing interest in fuzzing.

Having been involved in the vulnerability research community for years, we have used a variety of fuzzing technologies in our day to day work, ranging from hobby projects to high end commercial products. Each of the authors has been involved in the development of both privately held and publicly released fuzzers. We leveraged our combined experience and ongoing research projects to compose this bleeding edge book, which we hope you will find useful.

Intended Audience

We strongly believe that the quantity and severity of vulnerabilities will continue to grow so long as security is deemed to be the sole responsibility of a security team. As such, we have taken strong efforts to write for a larger audience than just security researchers, including both readers who are new to fuzzing and those who have already had significant experience.

It is unrealistic to believe that secure applications can emerge from the development process if development organizations simply hand completed applications to a security team for a quick audit prior to production launch. Gone are the days when a developer or a member of the QA Team can say, "security's not my problem – we have a security team that worries about that". Security must now be everyone's problem. Security must be baked into the software development lifecycle (SDLC), not brushed on at the end.

Asking the development and QA teams to focus on security can be a tall order, especially for those that have not been asked to do so in the past. We believe that fuzzing presents a unique vulnerability discovery methodology that is accessible to a wide audience due to the fact that it can be highly automated. While we are hopeful that seasoned security researchers will gain valuable insights from this book, we are equally hopeful that it will be accessible to developers and QA teams. Fuzzing can and should be an integral part of any SDLC, not just at the testing phase, but also during development. The earlier a defect can be identified, the less costly it will be to remediate.

Prerequisites

Fuzzing is a vast subject. While we cover many non-fuzzing specific basics throughout the book, a number of assumptions regarding prior knowledge have been made. Readers should have at least a basic understanding of programming and computer networking prior to taking on this book. Fuzzing is all about automating security testing so naturally much of the book is dedicated to building tools. We have purposely selected multiple programming languages for these tasks. Languages were selected according to the task at hand but this also demonstrates that fuzzing can be approached in numerous ways. It is certainly not necessary to have a background in all of the languages used but having a language or two under your belt will go a long way in helping you to get the most from these chapters.

We detail numerous vulnerabilities throughout the book and discuss how they might have been identified through fuzzing. However, it is not our goal to define or dissect the nature of the vulnerabilities themselves. Many excellent books have been written which are dedicated to this topic. If you are looking for a primer on software vulnerabilities, "Exploiting Software" by Greg Hoglund and Gary McGraw, books from the Hacking Exposed series and "The Shellcoder's Handbook" by Jack Koliol, David Litchfield, et al. are great references.

Approach

How to best leverage this book is dependent upon your background and intentions. If you are new to fuzzing, we would recommend digesting the book in a sequential manner as it has been intentionally laid out to provide necessary background information prior to moving onto more advanced topics. If however, you've already spent time using various fuzzing tools, don't be afraid to dive directly into topics of interest as the various logical sections and chapter groupings are largely independent of one another.

Part I is designed to set the stage for the specific types of fuzzing that are discussed in the remainder of the book. If you're new to the world of fuzzing, consider this to be required reading. Fuzzing can be used as a vulnerability discovery methodology for just about any target, but all approaches follow the same basic principles. In Part I we seek to define fuzzing as a vulnerability discovery methodology and detail the knowledge that will be required regardless of the type of fuzzing which is conducted.

Part II focuses on fuzzing specific classes of targets. Each target is divided across two or three chapters. The first chapter provides background information specific to the target class and the subsequent chapters focus on automation, detailing the construction of fuzzers for that particular target. Two automation chapters are provided when separate tools are deemed necessary for the Windows and UNIX platforms. For example, consider the chapter triplet on "File Format Fuzzing" starting with Chapter 11 which details background information related to fuzzing file parsers. Chapter 12, "File Format Fuzzing: Automation on UNIX" details the actual programming of a UNIX-based file fuzzer and Chapter 13, "File Format Fuzzing: Automation on Windows" details the construction of a file format fuzzer designed to run in the Windows environment.

Part III tackles advanced topics in fuzzing. For readers who already have a strong knowledge of fuzzing it may be appropriate to jump directly into Part III, while most readers will likely want to spend time in Parts I and II before moving onto these topics. In Part III we focus on emerging technologies that are just beginning to be implemented but will become critical for advanced vulnerability discovery tools that leverage fuzzing in the future.

Finally, in Part IV we reflect on what we've learned throughout the book and then peer into the crystal ball to see where we're headed in the future. While fuzzing is not a new concept, it still has plenty of room to grow and we hope that this book will inspire further research in this space.

A Touch of Humor

Writing a book is serious work, especially a book on a complex subject like fuzzing. That said, we like to have fun as much as the next person (actually probably significantly more than the average person) and have made our best effort to keep the writing entertaining. In that spirit, we decided to open each chapter with a brief quotation from the 43rd President of the United States, George W. Bush (aka Dubya). No matter what your political affiliation or beliefs may be, no one can argue that Mr. Bush has cooked up many entertaining quotes over the years, enough to fill entire calendars1 even! We've compiled some of our favorites to share with you and hope you find them as funny as we do. As you'll see throughout the book, fuzzing can be applied against a variety of targets, evidently even the English language.

About the Cover

Vulnerabilities have at times been referred to as "fish", for example see the thread on "The L Word & Fish"2 from the DailyDave security mailing list. This is a useful analogy that can be applied across the board when discussing security and vulnerabilities. A researcher can be called a fisherman. Reverse engineering the assembly code of an application, line by line, in search of a vulnerability may be referred to as "deep sea fishing". Revisiting the quote at the beginning of this section, who knew that George W. Bush was a truly security researcher at heart.

In comparison to many other auditing tactics, fuzzing for the most part only scratches the surface and is highly effective at capturing the "easy" fish. In addition, the grizzly bear is a notable "fuzzy", yet powerful animal. Combined, these are the main motivations behind our choice of cover art where the bear, representing a fuzzer, is shown capturing a fish, representing a vulnerability.

Companion Website: http://www.fuzzing.org

The fuzzing.org website is an absolutely integral part of this book as opposed to a supplemental resource. In addition to housing errata that is sure to emerge post publication, the website will serve as the central repository for all source code and tools covered throughout the book. Over time we intend to evolve fuzzing.org beyond a book-centric companion website into a valuable community resource with tools and information related to all fuzzing disciplines. We welcome your feedback in order to help make the site a valuable and open knowledgebase.

1 http://tinyurl.com/2vy2ks

2 http://tinyurl.com/2vmvq4


© Copyright Pearson Education. All rights reserved.

Le informazioni nella sezione "Su questo libro" possono far riferimento a edizioni diverse di questo titolo.

I migliori risultati di ricerca su AbeBooks

1.

Sutton, Michael
ISBN 10: 0321446119 ISBN 13: 9780321446114
Nuovi Quantità: 1
Da
Paperbackshop-US
(Wood Dale, IL, U.S.A.)
Valutazione libreria
[?]

Descrizione libro 2007. PAP. Condizione libro: New. New Book. Shipped from US within 10 to 14 business days. Established seller since 2000. Codice libro della libreria KB-9780321446114

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 29,00
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 3,46
In U.S.A.
Destinazione, tempi e costi

2.

Michael SuttonAdam GreenePedram Amini
Editore: Prentice Hall
ISBN 10: 0321446119 ISBN 13: 9780321446114
Nuovi Quantità: > 20
Da
INDOO
(Avenel, NJ, U.S.A.)
Valutazione libreria
[?]

Descrizione libro Prentice Hall. Condizione libro: New. Brand New. Codice libro della libreria 0321446119

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 33,41
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 3,04
In U.S.A.
Destinazione, tempi e costi

3.

Michael Sutton, Adam Greene, Pedram Amini
Editore: Pearson Education (US), United States (2007)
ISBN 10: 0321446119 ISBN 13: 9780321446114
Nuovi Quantità: 1
Da
The Book Depository US
(London, Regno Unito)
Valutazione libreria
[?]

Descrizione libro Pearson Education (US), United States, 2007. Mixed media product. Condizione libro: New. Language: English . Brand New Book. FUZZING Master One of Today s Most Powerful Techniques for Revealing Security Flaws! Fuzzing has evolved into one of today s most effective approaches to test software security. To fuzz, you attach a program s inputs to a source of random data, and then systematically identify the failures that arise. Hackers have relied on fuzzing for years: Now, it s your turn. In this book, renowned fuzzing experts show you how to use fuzzing to reveal weaknesses in your software before someone else does. Fuzzing is the first and only book to cover fuzzing from start to finish, bringing disciplined best practices to a technique that has traditionally been implemented informally. The authors begin by reviewing how fuzzing works and outlining its crucial advantages over other security testing methods. Next, they introduce state-of-the-art fuzzing techniques for finding vulnerabilities in network protocols, file formats, and web applications; demonstrate the use of automated fuzzing tools; and present several insightful case histories showing fuzzing at work.Coverage includes: * Why fuzzing simplifies test design and catches flaws other methods miss * The fuzzing process: from identifying inputs to assessing exploitability * Understanding the requirements for effective fuzzing * Comparing mutation-based and generation-based fuzzers * Using and automating environment variable and argument fuzzing * Mastering in-memory fuzzing techniques * Constructing custom fuzzing frameworks and tools * Implementing intelligent fault detection Attackers are already using fuzzing. You should, too. Whether you re a developer, security engineer, tester, or QA specialist, this book teaches you how to build secure software. Foreword xix Preface xxi Acknowledgments xxv About the Author xxvii PARTI BACKGROUND 1 Chapter 1 Vulnerability Discovery Methodologies 3 Chapter 2 What Is Fuzzing?21 Chapter 3 Fuzzing Methods and Fuzzer Types 33 Chapter 4 Data Representation and Analysis 45 Chapter 5 Requirements for Effective Fuzzing 61 PART II TARGETS AND AUTOMATION 71 Chapter 6 Automation and Data Generation 73 Chapter 7 Environment Variable and Argument Fuzzing 89 Chapter 8 Environment Variable and Argument Fuzzing: Automation 103 Chapter 9 Web Application and Server Fuzzing 113 Chapter 10 Web Application and Server Fuzzing: Automation 137 Chapter 11 File Format Fuzzing 169 Chapter 12 File Format Fuzzing: Automation on UNIX 181 Chapter 13 File Format Fuzzing: Automation on Windows 197 Chapter 14 Network Protocol Fuzzing 223 Chapter 15 Network Protocol Fuzzing: Automation on UNIX 235 Chapter 16 Network Protocol Fuzzing: Automation on Windows 249 Chapter 17 Web Browser Fuzzing 267 Chapter 18 Web Browser Fuzzing: Automation 283 Chapter 19 In-Memory Fuzzing 301 Chapter 20 In-Memory Fuzzing: Automation 315 PART III ADVANCED FUZZING TECHNOLOGIES 349 Chapter 21 Fuzzing Frameworks 351 Chapter 22 Automated Protocol Dissection 419 Chapter 23 Fuzzer Tracking 437 Chapter 24 Intelligent Fault Detection 471 PART IV LOOKING FORWARD 495 Chapter 25 Lessons Learned 497 Chapter 26 Looking Forward 507 Index 519. Codice libro della libreria AAS9780321446114

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 39,00
Convertire valuta

Aggiungere al carrello

Spese di spedizione: GRATIS
Da: Regno Unito a: U.S.A.
Destinazione, tempi e costi

4.

Michael Sutton, Adam Greene, Pedram Amini
Editore: Pearson Education (US), United States (2007)
ISBN 10: 0321446119 ISBN 13: 9780321446114
Nuovi Quantità: 1
Da
The Book Depository
(London, Regno Unito)
Valutazione libreria
[?]

Descrizione libro Pearson Education (US), United States, 2007. Mixed media product. Condizione libro: New. Language: English . Brand New Book. FUZZING Master One of Today s Most Powerful Techniques for Revealing Security Flaws! Fuzzing has evolved into one of today s most effective approaches to test software security. To fuzz, you attach a program s inputs to a source of random data, and then systematically identify the failures that arise. Hackers have relied on fuzzing for years: Now, it s your turn. In this book, renowned fuzzing experts show you how to use fuzzing to reveal weaknesses in your software before someone else does. Fuzzing is the first and only book to cover fuzzing from start to finish, bringing disciplined best practices to a technique that has traditionally been implemented informally. The authors begin by reviewing how fuzzing works and outlining its crucial advantages over other security testing methods. Next, they introduce state-of-the-art fuzzing techniques for finding vulnerabilities in network protocols, file formats, and web applications; demonstrate the use of automated fuzzing tools; and present several insightful case histories showing fuzzing at work.Coverage includes: * Why fuzzing simplifies test design and catches flaws other methods miss * The fuzzing process: from identifying inputs to assessing exploitability * Understanding the requirements for effective fuzzing * Comparing mutation-based and generation-based fuzzers * Using and automating environment variable and argument fuzzing * Mastering in-memory fuzzing techniques * Constructing custom fuzzing frameworks and tools * Implementing intelligent fault detection Attackers are already using fuzzing. You should, too. Whether you re a developer, security engineer, tester, or QA specialist, this book teaches you how to build secure software. Foreword xix Preface xxi Acknowledgments xxv About the Author xxvii PARTI BACKGROUND 1 Chapter 1 Vulnerability Discovery Methodologies 3 Chapter 2 What Is Fuzzing?21 Chapter 3 Fuzzing Methods and Fuzzer Types 33 Chapter 4 Data Representation and Analysis 45 Chapter 5 Requirements for Effective Fuzzing 61 PART II TARGETS AND AUTOMATION 71 Chapter 6 Automation and Data Generation 73 Chapter 7 Environment Variable and Argument Fuzzing 89 Chapter 8 Environment Variable and Argument Fuzzing: Automation 103 Chapter 9 Web Application and Server Fuzzing 113 Chapter 10 Web Application and Server Fuzzing: Automation 137 Chapter 11 File Format Fuzzing 169 Chapter 12 File Format Fuzzing: Automation on UNIX 181 Chapter 13 File Format Fuzzing: Automation on Windows 197 Chapter 14 Network Protocol Fuzzing 223 Chapter 15 Network Protocol Fuzzing: Automation on UNIX 235 Chapter 16 Network Protocol Fuzzing: Automation on Windows 249 Chapter 17 Web Browser Fuzzing 267 Chapter 18 Web Browser Fuzzing: Automation 283 Chapter 19 In-Memory Fuzzing 301 Chapter 20 In-Memory Fuzzing: Automation 315 PART III ADVANCED FUZZING TECHNOLOGIES 349 Chapter 21 Fuzzing Frameworks 351 Chapter 22 Automated Protocol Dissection 419 Chapter 23 Fuzzer Tracking 437 Chapter 24 Intelligent Fault Detection 471 PART IV LOOKING FORWARD 495 Chapter 25 Lessons Learned 497 Chapter 26 Looking Forward 507 Index 519. Codice libro della libreria AAS9780321446114

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 46,75
Convertire valuta

Aggiungere al carrello

Spese di spedizione: GRATIS
Da: Regno Unito a: U.S.A.
Destinazione, tempi e costi

5.

Sutton, Michael; Greene, Adam; Amini, Pedram
Editore: Addison-Wesley Professional (2007)
ISBN 10: 0321446119 ISBN 13: 9780321446114
Nuovi Paperback Quantità: 1
Da
Ergodebooks
(RICHMOND, TX, U.S.A.)
Valutazione libreria
[?]

Descrizione libro Addison-Wesley Professional, 2007. Paperback. Condizione libro: New. Codice libro della libreria INGM9780321446114

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 44,45
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 3,46
In U.S.A.
Destinazione, tempi e costi

6.

Michael Sutton, Adam Greene, Pedram Amini
Editore: Pearson Education (US)
ISBN 10: 0321446119 ISBN 13: 9780321446114
Nuovi Paperback Quantità: 4
Da
THE SAINT BOOKSTORE
(Southport, Regno Unito)
Valutazione libreria
[?]

Descrizione libro Pearson Education (US). Paperback. Condizione libro: new. BRAND NEW, Fuzzing: Brute Force Vulnerability Discovery, Michael Sutton, Adam Greene, Pedram Amini, FUZZING Master One of Today's Most Powerful Techniques for Revealing Security Flaws! Fuzzing has evolved into one of today's most effective approaches to test software security. To "fuzz," you attach a program's inputs to a source of random data, and then systematically identify the failures that arise. Hackers have relied on fuzzing for years: Now, it's your turn. In this book, renowned fuzzing experts show you how to use fuzzing to reveal weaknesses in your software before someone else does. Fuzzing is the first and only book to cover fuzzing from start to finish, bringing disciplined best practices to a technique that has traditionally been implemented informally. The authors begin by reviewing how fuzzing works and outlining its crucial advantages over other security testing methods. Next, they introduce state-of-the-art fuzzing techniques for finding vulnerabilities in network protocols, file formats, and web applications; demonstrate the use of automated fuzzing tools; and present several insightful case histories showing fuzzing at work. Coverage includes: * Why fuzzing simplifies test design and catches flaws other methods miss * The fuzzing process: from identifying inputs to assessing "exploitability" * Understanding the requirements for effective fuzzing * Comparing mutation-based and generation-based fuzzers * Using and automating environment variable and argument fuzzing * Mastering in-memory fuzzing techniques * Constructing custom fuzzing frameworks and tools * Implementing intelligent fault detection Attackers are already using fuzzing. You should, too. Whether you're a developer, security engineer, tester, or QA specialist, this book teaches you how to build secure software. Foreword xix Preface xxi Acknowledgments xxv About the Author xxvii PARTI BACKGROUND 1 Chapter 1 Vulnerability Discovery Methodologies 3 Chapter 2 What Is Fuzzing? 21 Chapter 3 Fuzzing Methods and Fuzzer Types 33 Chapter 4 Data Representation and Analysis 45 Chapter 5 Requirements for Effective Fuzzing 61 PART II TARGETS AND AUTOMATION 71 Chapter 6 Automation and Data Generation 73 Chapter 7 Environment Variable and Argument Fuzzing 89 Chapter 8 Environment Variable and Argument Fuzzing: Automation 103 Chapter 9 Web Application and Server Fuzzing 113 Chapter 10 Web Application and Server Fuzzing: Automation 137 Chapter 11 File Format Fuzzing 169 Chapter 12 File Format Fuzzing: Automation on UNIX 181 Chapter 13 File Format Fuzzing: Automation on Windows 197 Chapter 14 Network Protocol Fuzzing 223 Chapter 15 Network Protocol Fuzzing: Automation on UNIX 235 Chapter 16 Network Protocol Fuzzing: Automation on Windows 249 Chapter 17 Web Browser Fuzzing 267 Chapter 18 Web Browser Fuzzing: Automation 283 Chapter 19 In-Memory Fuzzing 301 Chapter 20 In-Memory Fuzzing: Automation 315 PART III ADVANCED FUZZING TECHNOLOGIES 349 Chapter 21 Fuzzing Frameworks 351 Chapter 22 Automated Protocol Dissection 419 Chapter 23 Fuzzer Tracking 437 Chapter 24 Intelligent Fault Detection 471 PART IV LOOKING FORWARD 495 Chapter 25 Lessons Learned 497 Chapter 26 Looking Forward 507 Index 519. Codice libro della libreria B9780321446114

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 45,35
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 7,86
Da: Regno Unito a: U.S.A.
Destinazione, tempi e costi

7.

Michael Sutton, Adam Greene, Pedram Amini
Editore: Addison-Wesley Professional (2007)
ISBN 10: 0321446119 ISBN 13: 9780321446114
Nuovi Paperback Quantità: 1
Da
Ergodebooks
(RICHMOND, TX, U.S.A.)
Valutazione libreria
[?]

Descrizione libro Addison-Wesley Professional, 2007. Paperback. Condizione libro: New. 1. Codice libro della libreria DADAX0321446119

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 51,90
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 3,46
In U.S.A.
Destinazione, tempi e costi

8.

Michael Sutton; Adam Greene; Pedram Amini
Editore: Addison-Wesley Professional (2007)
ISBN 10: 0321446119 ISBN 13: 9780321446114
Nuovi Brossura Quantità: > 20
Da
Palexbooks
(Sanford, NC, U.S.A.)
Valutazione libreria
[?]

Descrizione libro Addison-Wesley Professional, 2007. Condizione libro: New. Brand new! Please provide a physical shipping address. Codice libro della libreria 9780321446114

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 58,50
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 2,60
In U.S.A.
Destinazione, tempi e costi

9.

Michael Sutton; Adam Greene; Pedram Amini
Editore: Addison-Wesley Professional (2007)
ISBN 10: 0321446119 ISBN 13: 9780321446114
Nuovi Paperback Prima edizione Quantità: 1
Da
Irish Booksellers
(Rumford, ME, U.S.A.)
Valutazione libreria
[?]

Descrizione libro Addison-Wesley Professional, 2007. Paperback. Condizione libro: New. book. Codice libro della libreria 0321446119

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 61,16
Convertire valuta

Aggiungere al carrello

Spese di spedizione: GRATIS
In U.S.A.
Destinazione, tempi e costi

10.

Sutton, Michael/ Greene, Adam/ Amini, Pedram
Editore: Addison-Wesley (2007)
ISBN 10: 0321446119 ISBN 13: 9780321446114
Nuovi Paperback Quantità: 1
Da
Revaluation Books
(Exeter, Regno Unito)
Valutazione libreria
[?]

Descrizione libro Addison-Wesley, 2007. Paperback. Condizione libro: Brand New. 1st edition. 543 pages. 9.25x7.00x1.00 inches. In Stock. Codice libro della libreria z-0321446119

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 60,99
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 6,78
Da: Regno Unito a: U.S.A.
Destinazione, tempi e costi

Vedi altre copie di questo libro

Vedi tutti i risultati per questo libro