Book of the Month – Fuzzing: Brute Force Vulnerability Discovery

Fuzzing is the most powerful and quick method to expose the security flaws in any product. In that direction, this is the first book which attempted to cover all aspects of fuzzing.  Written by prominent authors who mastered this field, the book not only explains the fundamentals but rich with practical examples too.

Authors start with explaining the Fuzzing, automating the tests and then go on explaining in detail various type of fuzzing including web fuzzing, file format fuzzing, network fuzzing, browser fuzzing, in-memory fuzzing etc. It is filled with numerous case studies, each one showcasing the unique vulnerability and its detection using fuzzing technique.

Here is the table of contents of the book


Chapter 1    Vulnerability Discovery Methodologies

Chapter 2    What Is Fuzzing?

Chapter 3    Fuzzing Methods and Fuzzer Types

Chapter 4    Data Representation and Analysis

Chapter 5    Requirements for Effective Fuzzing


Chapter 6    Automation and Data Generation

Chapter 7    Environment Variable and Argument Fuzzing

Chapter 8    Environment Variable and Argument Fuzzing: Automation

Chapter 9    Web Application and Server Fuzzing

Chapter 10  Web Application and Server Fuzzing: Automation

Chapter 11  File Format Fuzzing

Chapter 12  File Format Fuzzing: Automation on UNIX

Chapter 13  File Format Fuzzing: Automation on Windows

Chapter 14  Network Protocol Fuzzing

Chapter 15  Network Protocol Fuzzing: Automation on UNIX

Chapter 16  Network Protocol Fuzzing: Automation on Windows

Chapter 17  Web Browser Fuzzing

Chapter 18  Web Browser Fuzzing: Automation

Chapter 19  In-Memory Fuzzing

Chapter 20  In-Memory Fuzzing: Automation


Chapter 21  Fuzzing Frameworks

Chapter 22  Automated Protocol Dissection

Chapter 23  Fuzzer Tracking

Chapter 24  Intelligent Fault Detection


Chapter 25  Lessons Learned

Chapter 26  Looking Forward


Overall this is the great book to read on at least to find out if the bear is going to catch fish or not…!

[Ebook Download Link –]


Similar posts
  • Computer Security Tips: Stay Safe Onl... In recent times cyber security has raised the level of awareness and public consciousness as never before. Both large corporations and big organizations try to take care of online security as much as they can. That’s why cyber criminals and hackers have focused more on smaller companies and single entrepreneurs. This awful tendency leads to [...]
  • SecurityXploded Mentorship Programme ... I am writing this blog to share my SecurityXploded Student Mentorship Programme experience with the future students of this programme. My mentorship programme started last year in August when I was in 2nd year of MS at IIIT-Allahabad. I knew about SecurityXploded community since I used to follow their blogs, training programmes and security tools [...]
  • Code Injection and API Hooking Techni... Hooking covers a range of techniques used for many purposes like debugging, monitoring, intercepting messages, extending functionality etc. Hooking is also used by a lot of rootkits to camouflage themselves on the system. Rootkits use various hooking techniques when they have to hide a process, hide a network port, redirect file writes to some different [...]
  • Announcement – SecurityXploded ... From the past two years we are working actively on couple of projects to support the security community. As you all may already know that we have successfully completed our reversing and malware analysis training programme and we are very glad that it was very helpful for everyone. In my opinion the success of any [...]
  • Advanced Malware Analysis Training Se... Here is the quick update on this month’s Local Security meet (SX/Null/G4H/owasp) and our advanced malware training session on (Part 2) Dissecting the HeartBeat  RAT Functionalities   This is part of our FREE ‘Advanced Malware Analysis Training’ series started from Dec 2012.       In this extended session, I explained “Decrypting various Communications Of HeartBeat [...]

Leave a Reply