SANS Penetration Testing: Category - fuzzing

SANS Penetration Testing:

Using Fuzzing to Spice Up a Penetration Test

[Editor's Note: Josh Wright has some excellent recommendations and tips in this article about integrating fuzzing tools and techniques into your penetration testing engagements and ethical hacking work. Whether you are new to fuzzing or a tried-and-true expert, Josh has some great ideas for getting the most out of your pen test projects using the wonderful Sulley tool and some custom Python scripts he has created. This article was originally included in the September 2011 issue of PenTest Magazine, which has graciously granted us permission to feature it here. There are lots of cool ideas for you to check out. --Ed.]

by Joshua Wright

Protocol fuzzing has been a popular technique for bug discovery with a number of tools, books, and papers describing the benefits and drawbacks. Although typically used for bug discovery in a lab environment, there are opportunities to use fuzzing in a penetration testing role too. Not