Contents
1. Introduction.
1.1 Software Security.
1.2 Software Quality.
1.3 Fuzzing.
1.4 Book Goals and Layout.
2. Software Vulnerability Analysis.
2.1 Purpose of Vulnerability Analysis.
2.2 People Conducting Vulnerability Analysis.
2.3 Target Software.
2.4 Basic Bug Categories.
2.5 Bug Hunting Techniques.
2.6 Fuzzing.
2.7 Defenses.
2.8 Summary.
3. Quality Assurance and Testing.
3.1 Quality Assurance and Security.
3.2 Measuring Quality.
3.3 Testing for Quality.
3.4 Main Categories of Testing.
3.5 White-Box Testing.
3.6 Black-Box Testing.
3.7 Purpose of Black-Box Testing.
3.8 Testing Metrics.
3.9 Black-Box Testing Techniques for Security.
3.10 Summary.
4. Fuzzing Metrics.
4.1 Threat Analysis and Risk-Based Testing.
4.2 Transition to Proactive Security.
4.3 Defect Metrics and Security.
4.4 Test Automation for Security.
4.5 Summary.
5. Building and Classifying Fuzzers.
5.1 Fuzzing Methods.
5.2 Detailed View of Fuzzer Types.
5.3 Fuzzer Classification via Interface.
5.4 Summary.
6. Target Monitoring.
6.1 What Can Go Wrong and What Does It Look Like.
6.2 Methods of Monitoring.
6.3 Advanced Methods.
6.4 Monitoring Overview.
6.5 A Test Program.
6.6 Case Study: PCRE.
6.7 Summary.
7. Advanced Fuzzing.
7.1 Automatic Protocol Discovery.
7.2 Using Code Coverage Information.
7.3 Symbolic Execution.
7.4 Evolutionary Fuzzing.
7.5 Summary.
8. Fuzzer Comparison.
8.1 Fuzzing Lifecycle.
8.2 Evaluating Fuzzers.
8.3 Introducing the Fuzzers.
8.4 The Targets.
8.5 The Bugs.
8.6 Results.
8.7 A Closer Look at the Results.
8.8 General Conclusions.
8.9 Summary.
9. Fuzzing Case Studies.
9.1 Enterprise Fuzzing.
9.2 Carrier and Service Provider Fuzzing.
9.3 Application Developer Fuzzing.
9.4 Network Equipment Manufacturer Fuzzing.
9.5 Industrial Automation Fuzzing.
9.6 Blackbox Fuzzing for Security Researchers.
9.7 Summary.