Open Source Fuzzing Tools

A "fuzzer" is a program that attempts to discover security vulnerabilities by sending random data to an application. If that application crashes, then it has deffects to correct. Security professionals and web developers can use fuzzing for software testing--checking their own programs for problems--before hackers do it!

Open Source Fuzzing Tools is the first book to market that covers the subject of black box testing using fuzzing techniques. Fuzzing has been around fow a while, but is making a transition from hacker home-grown tool to commercial-grade quality assurance product. Using fuzzing, developers can find and eliminate buffer overflows and other software vulnerabilities during the development process and before release.

* Fuzzing is a fast-growing field with increasing commercial interest (7 vendors unveiled fuzzing products last year).
* Vendors today are looking for solutions to the ever increasing threat of vulnerabilities. Fuzzing looks for these vulnerabilities automatically, before they are known, and eliminates them before release.
* Software developers face an incresing demand to produce secure applications---and they are looking for any information to help them do that.