In weniger als einer Minute können Sie mit dem Lesen von Fuzzing for Software Security Testing and Quality Assurance auf Ihrem Kindle beginnen. Sie haben noch keinen Kindle? Hier kaufen Oder fangen Sie mit einer unserer gratis Kindle Lese-Apps sofort an zu lesen.

An Ihren Kindle oder ein anderes Gerät senden

 
 
 

Kostenlos testen

Jetzt kostenlos reinlesen

An Ihren Kindle oder ein anderes Gerät senden

Jeder kann Kindle Bücher lesen  selbst ohne ein Kindle-Gerät  mit der KOSTENFREIEN Kindle App für Smartphones, Tablets und Computer.
Der Artikel ist in folgender Variante leider nicht verfügbar
Keine Abbildung vorhanden für
Farbe:
Keine Abbildung vorhanden

 

Fuzzing for Software Security Testing and Quality Assurance (Artech House Information Security and Privacy) [Kindle Edition]

Ari Takanen , Jared DeMott , Charlie Miller
4.0 von 5 Sternen  Alle Rezensionen anzeigen (1 Kundenrezension)

Kindle-Preis: EUR 54,59 Inkl. MwSt. und kostenloser drahtloser Lieferung über Amazon Whispernet

Weitere Ausgaben

Amazon-Preis Neu ab Gebraucht ab
Kindle Edition EUR 54,59  
Gebundene Ausgabe EUR 74,06  

Produktbeschreibungen

Kurzbeschreibung

"A fascinating look at the new direction fuzzing technology is taking -- useful for both QA engineers and bug hunters alike!"

--Dave Aitel, CTO, Immunity Inc.

Learn the code cracker's malicious mindset, so you can find worn-size holes in the software you are designing, testing, and building. Fuzzing for Software Security Testing and Quality Assurance takes a weapon from the black-hat arsenal to give you a powerful new tool to build secure, high-quality software. This practical resource helps you add extra protection without adding expense or time to already tight schedules and budgets. The book shows you how to make fuzzing a standard practice that integrates seamlessly with all development activities.

This comprehensive reference goes through each phase of software development and points out where testing and auditing can tighten security. It surveys all popular commercial fuzzing tools and explains how to select the right one for a software development project. The book also identifies those cases where commercial tools fall short and when there is a need for building your own fuzzing tools.

Synopsis

"Fuzzing for Software Security Testing and Quality Assurance" gives software developers a powerful new tool to build secure, high-quality software, and takes a weapon from the malicious hackers' arsenal. This practical resource helps developers think like a software cracker, so they can find and patch flaws in software before harmful viruses, worms, and Trojans can use these vulnerabilities to rampage systems. Traditional software programmers and testers learn how to make fuzzing a standard practice that integrates seamlessly with all development activities. The book progresses through each phase of software development and points out where testing and auditing can tighten security. It surveys all popular commercial fuzzing tools and explains how to select the right one for a software development project. The book also covers those cases where commercial tools fall short and developers need to build their own custom fuzzing tools.

Produktinformation

  • Format: Kindle Edition
  • Dateigröße: 6895 KB
  • Seitenzahl der Print-Ausgabe: 287 Seiten
  • Verlag: Artec House; Auflage: 1 (30. Juni 2008)
  • Verkauf durch: Amazon Media EU S.à r.l.
  • Sprache: Englisch
  • ASIN: B003YFJ71Q
  • Text-to-Speech (Vorlesemodus): Aktiviert
  • X-Ray:
  • Durchschnittliche Kundenbewertung: 4.0 von 5 Sternen  Alle Rezensionen anzeigen (1 Kundenrezension)
  • Amazon Bestseller-Rang: #443.192 Bezahlt in Kindle-Shop (Siehe Top 100 Bezahlt in Kindle-Shop)

  •  Ist der Verkauf dieses Produkts für Sie nicht akzeptabel?

Mehr über die Autoren

Entdecken Sie Bücher, lesen Sie über Autoren und mehr

Kundenrezensionen

5 Sterne
0
3 Sterne
0
2 Sterne
0
1 Sterne
0
4.0 von 5 Sternen
4.0 von 5 Sternen
Die hilfreichsten Kundenrezensionen
1 von 1 Kunden fanden die folgende Rezension hilfreich
Format:Gebundene Ausgabe
Ari Takanen and his Co authors are marvellous. Ari is one of the most influencing technical experts in Finland. In this book all is said about Software- and Security- Testing, A must for Security Auditors, QA-Specialists in Software Development, Auditors and IT-Security/Network Security Specialists. Most of the so called specialists only use normal Vulnerability Scanners to find Security holes. This is not enough. Real Hackers and real Security Specialists go beyond that. Robustness Testing is THE way to find Zero-Day Vulnerabilities in Systems. Bravo Ari!
War diese Rezension für Sie hilfreich?
Die hilfreichsten Kundenrezensionen auf Amazon.com (beta)
Amazon.com: 3.0 von 5 Sternen  2 Rezensionen
7 von 9 Kunden fanden die folgende Rezension hilfreich
1.0 von 5 Sternen Disappointing and a mess 17. Juni 2009
Von User 1138 - Veröffentlicht auf Amazon.com
Format:Gebundene Ausgabe
The introduction to this book mentions its broken up history, being picked up and abandoned a couple times. It definitely shows in the writing, which is unfocused, choppy, and repetitive. Most of the first half is taken up with repetitive descriptions of the general software testing process. The second half contains a summary of one author's thesis on using evolutionary algorithms for fuzzing and the final author's use of various fuzzing tools to try to find hand-inserted vulnerabilities. While the latter half is better than the first, each topic is worthy of a single blog post. Given this book's price and the authors' reputations, I expected more.

At the same time, I read "Gray Hat Python" and it was enjoyable. Even though it had a much broader focus on other topics, it contained more hands-on info on fuzzing tools. I'm also interested in "Fuzzing: Brute Force Vulnerability Discovery", although I have not read it yet.

Don't waste your time on this book. Download the Sulley manual, read the slides from a few Blackhat talks, and you'll be at the state of the art for current fuzzing knowledge.
3 von 5 Kunden fanden die folgende Rezension hilfreich
5.0 von 5 Sternen One of the Best Resources on Fuzzing by Highly Skilled ex-NSA Employees 8. August 2008
Von Robert - Veröffentlicht auf Amazon.com
Format:Gebundene Ausgabe|Verifizierter Kauf
Fuzzing generally involves testing the parameters of an application using random or specifically formatted randomized input to evaluate whether a given application crashes and/ or can be exploited. At least two of the authors have worked at the National Security Agency. Dr. Charlie Miller is well known for publishing an interesting article on the economics of the black market trading of security vulnerabilities (avaliable at weis2007.econinfosec.org/papers/29.pdf). Dr. Miller demonstrated the utility of the procedures discussed in this book at BlackHat 2008. This book provides insight into an area of research that is not usually publicly avaliable. The book details a number of open-source and commercially avaliable fuzzers and their relative reliability in finding bugs. Fuzzers are one of the most reliable methods for finding vulnerabilities in closed source programs. The book is conceptually accessible to an individual with some knowledge of secure programming and vulnerabilities.
Waren diese Rezensionen hilfreich?   Wir wollen von Ihnen hören.
Kundenrezensionen suchen
Nur in den Rezensionen zu diesem Produkt suchen

Kunden diskutieren

Das Forum zu diesem Produkt
Diskussion Antworten Jüngster Beitrag
Noch keine Diskussionen

Fragen stellen, Meinungen austauschen, Einblicke gewinnen
Neue Diskussion starten
Thema:
Erster Beitrag:
Eingabe des Log-ins
 

Kundendiskussionen durchsuchen
Alle Amazon-Diskussionen durchsuchen
   


Ähnliche Artikel finden