Learn, hack!

Hacking and security documentation: slides, papers, video and audio recordings. All in high-quality, daily updated, avoiding security crap documents. Spreading hacking knowledge, for free, enjoy. Follow on .

Fuzzing in the corporate world

Gadi Evron
Chaos Communication Congress 23th (23C3) 2006
Indexed on
Mar 27, 2013
File name
File size
48.2 MB

We will discuss fuzzing uses by software vendors and in the corporate world, for security auditing ("fuzzing before release") and third party testing ("fuzzing before purchase"). We will look at what contributed to this change in the use of fuzzing tools from home-grown hacking tools to commercial products, as well as how these organizations implement fuzzing into their development cycle. Fuzzing has been used for a long time in the hacker scene. Mostly, these tools have been home-grown. In the recent year, several commercial fuzzing tools appeared. These in turn are now utilized by organizations in the development cycle under the moto of "fuzzing before release", or "find the vulnerability before hackers do". Another interesting and somewhat unexpected development in the field is that end-clients are the largest consumers of advanced fuzzing technology, performing tests on software before purchase. Further, some large telcos and financial institutions now demand for products to be certified (even if not by an official seal) by fuzzing products which they authorize. Is fuzzing finally a solution to reduce vulnerabilities in products rather than just later discover them? How is it used by these corporations and third-party organizations? Some methodologies as well as examples will be presented, and we will also try to look into what the future holds.

About us

Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.


Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.


To support this site and keep it alive, you can click on the buttons below. Any help is really appreciated! This service is provided for free, but real money is needed to pay bills.

Flattr this Click here to lend your support to: Keep live SecDocs for an year and make a donation at www.pledgie.com !