Fuzzing and Fuzzer

Fuzzing
What the heck is fuzzing? Fuzzing is one of the methods of finding bugs in applications. With fuzzing method, an attacker trying to send data2 are not concrete in the hope that application will experience a crash or failure in the operation. When an application crashes, then an attacker can exploit these loopholes to control the victim computer.


Fuzzer 
Fuzzer is a tool used by the security people to test the parameters of an application. Fuzzers is typical of the test application for buffer overflows, format string vulnerabilities, and error handling. Fuzzers forward if the combined function is useful to examine directory traversal attacks, command execution vulnerabilities, SQL Injection and Cross Site Scripting vulnerability (xss). Web vulnerability scanners typically perform all these functions, and can be considered as advanced fuzzer.

Such tools, among others, SPIKE Proxy, Peach fuzzer Framework, and WebScarab, powerfuzzer

Comments

Popular posts from this blog

Introduction Maltego

EXE file structure