By clicking “Accept”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
The is part three of a three part series on Property-based Fuzz Testing. This article lists a number of useful properties that are commonly used to validate the correctness and safety of code. If you are not sure how to apply property-based fuzzing to your code, this list should give you some inspiration.
The Hacker Mind Podcast: So You Want To Be A Pentester
To help more people to become penetration testers, Kim Crawley and Phillip L. Wylie wrote The PenTester BluePrint: Starting A Career As An Ethical Hacker. In this episode of The Hacker Mind, Kim talks about the practical steps anyone can take to gain the skills and confidence necessary to become a penetration tester.
Read More
No items found.
To All The Tools I’ve Loved Before: The Fling (SCA)
Valentine’s Day has unfortunately come to a close. What follows love? Heartbreak. That’s right, it's time to dust off your best stationary and bust out the ice cream because we’re writing a series of appsec break up letters.
Fuzzing is the automated process of finding software bugs by feeding random data into a target program until one of those permutations reveals a flaw. Property-based testing is a form of fuzzing. Property-based testing feeds random data into an application (or function) and detects flaws. It is particularly powerful as it allows developers to define and check custom correctness and safety policies, i.e. properties they define in their test.
How to Address Software Reliability, Security, and Quality Requirements with Fuzz Testing
Confidentiality, integrity, and availability are considered the three core principles of security. Similar to a three-bar stool, security falls apart without any one of these components. Learn how fuzz testing helps with the CIA triad.
How do the current DMCA laws impact those who hack digital devices? And why doesn’t our basic right to repair our devices extend into the digital world? To answer these questions, Paul Roberts, Editor-in-Chief of the Security Ledger, founded secureparis.org, a group of infosec experts who are volunteering to fight for the right to repair.
Learn how to take your fuzzing targets beyond memory errors and crashes to finding correctness and even efficiency issues using Property-based fuzzing.
Imagine if all of the sudden satellites across the world stopped working. Services that we take for granted such as navigation, satellite imagery, weather, and even time-keeping would become unavailable seemingly without explanation. This software contained a code execution bug discovered by ForAllSecure's Mayhem.