PyFuzzer:automatic in-memory fuzz testing method
Fuzz Testing is an effective method to mine all kinds of vulnerabilities.But the main drawbacks to current fuzz testing tools are:firstly,it produces high volume testing data and it’s extraordinary time consumption; secondly,if the accessing needs authentication,the greatest part of test data will b...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2013-09-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/10.3969/j.issn.1000-436x.2013.Z2.013/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841539743801671680 |
|---|---|
| author | Wei-ming LI Jun-qing YU Shao-bo AI |
| author_facet | Wei-ming LI Jun-qing YU Shao-bo AI |
| author_sort | Wei-ming LI |
| collection | DOAJ |
| description | Fuzz Testing is an effective method to mine all kinds of vulnerabilities.But the main drawbacks to current fuzz testing tools are:firstly,it produces high volume testing data and it’s extraordinary time consumption; secondly,if the accessing needs authentication,the greatest part of test data will be abandoned.PyFuzzer,a novel automatic in-memory fuzz testing tool combining static analysis,dynamic analysis and in-memory fuzz testing,was presented.The tool is highly automatic and effective.Compared with 4n FTP Fuzzer in testing WarFTPD and Serv-U,PyFuzzer can discover all vulnerabilities and improve test efficiency greatly. |
| format | Article |
| id | doaj-art-7f97b237ed6a4c3f929e0fa442944237 |
| institution | Kabale University |
| issn | 1000-436X |
| language | zho |
| publishDate | 2013-09-01 |
| publisher | Editorial Department of Journal on Communications |
| record_format | Article |
| series | Tongxin xuebao |
| spelling | doaj-art-7f97b237ed6a4c3f929e0fa4429442372025-01-14T06:42:12ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2013-09-0134646859678010PyFuzzer:automatic in-memory fuzz testing methodWei-ming LIJun-qing YUShao-bo AIFuzz Testing is an effective method to mine all kinds of vulnerabilities.But the main drawbacks to current fuzz testing tools are:firstly,it produces high volume testing data and it’s extraordinary time consumption; secondly,if the accessing needs authentication,the greatest part of test data will be abandoned.PyFuzzer,a novel automatic in-memory fuzz testing tool combining static analysis,dynamic analysis and in-memory fuzz testing,was presented.The tool is highly automatic and effective.Compared with 4n FTP Fuzzer in testing WarFTPD and Serv-U,PyFuzzer can discover all vulnerabilities and improve test efficiency greatly.http://www.joconline.com.cn/zh/article/doi/10.3969/j.issn.1000-436x.2013.Z2.013/fuzz testingstatic analysisdynamic trackingvulnerabilities excavate |
| spellingShingle | Wei-ming LI Jun-qing YU Shao-bo AI PyFuzzer:automatic in-memory fuzz testing method Tongxin xuebao fuzz testing static analysis dynamic tracking vulnerabilities excavate |
| title | PyFuzzer:automatic in-memory fuzz testing method |
| title_full | PyFuzzer:automatic in-memory fuzz testing method |
| title_fullStr | PyFuzzer:automatic in-memory fuzz testing method |
| title_full_unstemmed | PyFuzzer:automatic in-memory fuzz testing method |
| title_short | PyFuzzer:automatic in-memory fuzz testing method |
| title_sort | pyfuzzer automatic in memory fuzz testing method |
| topic | fuzz testing static analysis dynamic tracking vulnerabilities excavate |
| url | http://www.joconline.com.cn/zh/article/doi/10.3969/j.issn.1000-436x.2013.Z2.013/ |
| work_keys_str_mv | AT weimingli pyfuzzerautomaticinmemoryfuzztestingmethod AT junqingyu pyfuzzerautomaticinmemoryfuzztestingmethod AT shaoboai pyfuzzerautomaticinmemoryfuzztestingmethod |