|
|
|
|
|
|
by perlgeek
2951 days ago
|
|
|
One approach is to think of a class of bug (like SQL injection, command injection, XSRF, ...), and look for that class of bugs in a large number of software products. Another is to focus on components that are of high impact because they are used everywhere: standard UNIX tools, compilers, shells, OpenSSL and friends, BIOS, CPUs, common network controllers, disk firmware etc. and analyze them for anything you can think of, run a fuzzer on them etc. |
|
|