Fuzzing

MICHAEL SUTTONMichael Sutton is the Security Evangelist for SPI Dynamics. As Security Evangelist, Michael is responsible for identifying, researching, and presenting on emerging issues in the web application security industry. He is a frequent speaker at major information security conferences, has authored numerous articles, and is regularly quoted in the media on various information security topics.Michael is also a member of the Web Application Security Consortium (WASC), where he is project lead for the Web Application Security Statistics project.Prior to joining SPI Dynamics,Michael was a Director for iDefense/VeriSign, where he headed iDefense Labs, a team of world class researchers tasked with discovering and researching security vulnerabilities.Michael also established the Information Systems Assurance and Advisory Services (ISAAS) practice for Ernst & Young in Bermuda. He holds degrees from the University of Alberta and The George Washington University. Michael is a proud Canadian who understands that hockey is a religion and not a sport. Outside of the office, he is a Sergeant with the Fairfax Volunteer Fire Department.  ADAM GREENEAdam Greene is an engineer for a large financial news company based in New York City. Previously, he served as an engineer for iDefense, an intelligence company located in Reston, VA. His interests in computer security lie mainly in reliable exploitation methods, fuzzing, and UNIX-based system auditing and exploit development.  PEDRAM AMINIPedram Amini currently leads the security research and product security assessment team at TippingPoint. Previously, he was the assistant director and one of the founding members of iDefense Labs. Despite the fancy titles, he spends much of his time in the shoes of a reverse engineer–developing automation tools, plug-ins, and scripts. His most recent projects (a.k.a. “babies”) include the PaiMei reverse engineering framework and the Sulley fuzzing framework.In conjunction with his passion, Pedram launched OpenRCE.org, a community website dedicated to the art and science of reverse engineering. He has presented at RECon, BlackHat, DefCon, ShmooCon, and ToorCon and taught numerous sold out reverse engineering courses. Pedram holds a computer science degree from Tulane University.

• Foreword     xixPreface        xxiAcknowledgments  xxvAbout the Author   xxviiPARTI         BACKGROUND     1Chapter 1    Vulnerability Discovery Methodologies  3Chapter 2    What Is Fuzzing?   21Chapter 3    Fuzzing Methods and Fuzzer Types     33Chapter 4    Data Representation and Analysis        45Chapter 5    Requirements for Effective Fuzzing      61PART II      TARGETS AND AUTOMATION          71Chapter 6    Automation and Data Generation        73Chapter 7    Environment Variable and Argument Fuzzing 89Chapter 8    Environment Variable and Argument Fuzzing: Automation 103Chapter 9    Web Application and Server Fuzzing     113Chapter 10  Web Application and Server Fuzzing: Automation    137Chapter 11  File Format Fuzzing         169Chapter 12  File Format Fuzzing: Automation on UNIX     181Chapter 13  File Format Fuzzing: Automation on Windows         197Chapter 14  Network Protocol Fuzzing         223Chapter 15  Network Protocol Fuzzing: Automation on UNIX     235Chapter 16  Network Protocol Fuzzing: Automation on Windows         249Chapter 17  Web Browser Fuzzing      267Chapter 18  Web Browser Fuzzing: Automation     283Chapter 19  In-Memory Fuzzing         301Chapter 20  In-Memory Fuzzing: Automation         315PART III    ADVANCED FUZZING TECHNOLOGIES      349Chapter 21  Fuzzing Frameworks       351Chapter 22  Automated Protocol Dissection  419Chapter 23  Fuzzer Tracking     437Chapter 24  Intelligent Fault Detection 471PART IV     LOOKING FORWARD    495Chapter 25  Lessons Learned    497Chapter 26  Looking Forward    507Index 519