-
Cross-site scripting
-
Fuzzing
-
Cross-site request forgery
-
Input validation
EXPLANATION
You can use fuzzing to inject semi-random data into a program or protocol stack in order to detect bugs.
Fuzz testing or Fuzzing is a Black Box software testing technique, which basically consists in finding implementation bugs using malformed/semi-malformed data injection in an automated fashion.
Fuzz testing was developed at the University of Wisconsin Madison in 1989 by Professor Barton Miller and his students. Their (continued) work can be found at http://www.cs.wisc.edu/~bart/fuzz/ ; it's mainly oriented towards command-line and UI fuzzing, and shows that modern operating systems are vulnerable to even simple fuzzing.
0 comments:
Post a Comment