From the course: Ethical Hacking: Vulnerability Analysis
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Fuzz testing
- [Instructor] Part of a vulnerability assessment is fuzz testing. Fuzz testing is a black box method that floods a system with input to discover errors and security gaps in systems and software. Fuzz testing goes through a process. First you'll need to identify the target and what target it is, well depends. It might be a web server or a network service, it really depends on what you'd like to test. Now, generally you'll use some type of software to run this test and what happens is the different input vectors and fuzz vectors have to be identified and understood. Now these input vectors could possibly be random data, possibly dangerous values. For example, with an integer we might use zero, or a negative number or a really large number. It could also be input from cookies or even data files. Some other fuzz vectors are those you might be familiar with. For example, a buffer overflow. Here we see fuzz vectors for an…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.