Resources

For a comprehensive library of research papers, click here.

Introductory articles

http://resources.infosecinstitute.com/intro-to-fuzzing/

http://www.brighthub.com/computing/smb-security/articles/9956.aspx

Blogs

http://gynvael.coldwind.pl/?id=524

http://fuzzing.info

http://www.squarefree.com/2007/08/02/introducing-jsfunfuzz/

http://ax330d.blogspot.com.au/

http://blog.mudynamics.com/category/fuzzing/

http://fuzztest.wordpress.com/

http://gdtr.wordpress.com/2012/05/11/fuzzing-hit-tracing/

Books

Fuzzing-focused

  • Fuzzing: Brute force vulnerability discovery  –  Michael Sutton/Pedram Amini/Adam Greene [amazon]
  • Fuzzing for software security testing and quality assurance  –  Ari Takanen/Jared DeMott/Charlie Miller [amazon]
  • Open source fuzzing tools  –  Noam Rathaus/Gadi Evron [amazon]

Includes content on fuzzing

  • Grey Hat Python  –  Justin Setiz [amazon]
  • Mac Hackers Handbook  –  Charlie Miller/Dino Dai Zovi [amazon]
  • iOS Hackers Handbook – Charlie Miller/Dino Dai Zovi/Dion Blazakis/Stefan Esser/Vincenzo Iozzo/Ralf-Philipp Weinmann [amazon]

Commercial Offerings

codenomicon – http://www.codenomicon.com/defensics/

Beyond Security BeStorm – http://www.beyondsecurity.com/black-box-testing.html

Spirent (previously MuSecurity) – http://www.spirent.com/Networks-and-Applications/App_Aware_Security

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s