|
|
|
|
|
|
by Mutjake
4475 days ago
|
|
|
It's not antiquated at all, it is still very relevant for security testing. If you're hunting memory handling bugs, for example, fuzzing is probably the most cost effective way of doing it, if you can automate instrumentation (sample input and testing oracle, IMHO AddressSanitizer is the best option for the latter ATM). If you're interested, you might want to check the wiki page of Radamsa, a general-purpose fuzzer (shameless plug for my collague): https://code.google.com/p/ouspg/wiki/Radamsa I'm not sure how up to date the CVE list is, but it probably gives you an idea, if the fuzzing is still relevant or not :-) |
|
|