Fuzzer is called to application used at fuzzing process. And fuzzing is process or method used to find out a logic error and failure in a data processing applications by providing an abnormal input into an application and see the same practice and learn how to handle the exception that there.
A fuzzer basically works by sending data simultaneously and repeatedly either automatically or semi-automatic into a software for processing. Data which is input data which is usually not normal, but the data that are made specifically, such as using special characters or has the number / length of data that is not normal.
There are two kinds of Fuzzer based on the workings :
- Mutation-based fuzzer, works by utilizing the sample data that has gone before.
- Generation-based fuzzer, work from the start, by making the data model in accordance with the application to be tested, whether the application uses a data input-based protocol or filetype-based.
Application fuzzer itself has been much made for a wide range of interests. ranging from commercial fuzzer to opensource fuzzer has much to enliven the fuzzing world.
In the world of open source fuzzer, many fuzzer framework known as:
In the world of open source fuzzer, many fuzzer framework known as:
- Peach
- spike
- JBozz
- Bed, etc
Tidak ada komentar:
Posting Komentar