Essays about: "Fuzzer"

Showing result 1 - 5 of 16 essays containing the word Fuzzer.

  1. 1. KARTAL: Web Application Vulnerability Hunting Using Large Language Models : Novel method for detecting logical vulnerabilities in web applications with finetuned Large Language Models

    University essay from KTH/Skolan för elektroteknik och datavetenskap (EECS)

    Author : Sinan Sakaoglu; [2023]
    Keywords : Broken Access Control; Vulnerability; Large Language Models; Web Application; API; Detection; Scanner; DAST; Application Security; Brutet åtkomstkontroll; Sårbarhet; Stora språkmodeller; Webbapplikation; API; Upptäckt; Skanner; DAST; Applikationssäkerhet;

    Abstract : Broken Access Control is the most serious web application security risk as published by Open Worldwide Application Security Project (OWASP). This category has highly complex vulnerabilities such as Broken Object Level Authorization (BOLA) and Exposure of Sensitive Information. READ MORE

  3. 2. GONet: Gradient Oriented Fuzzing for Stateful Network Protocol : Improving and Evaluating Fuzzing Efficiency of Stateful Protocol by Mutating Based on Gradient Information

    University essay from KTH/Skolan för elektroteknik och datavetenskap (EECS)

    Author : Quanyu Tao; [2023]
    Keywords : Fuzzing; Stateful Protocol; Gradient Oriented; Neural Network;

    Abstract : Network protocol plays a crucial role in supporting a wide range of critical services, of which robustness and reliability are vital. Fuzzing, or fuzz testing, serves as an effective technique to uncover vulnerabilities in software programs. However, fuzzing becomes more complicated when dealing with network protocols due to their massive state. READ MORE

  4. 3. Fuzzing of PKCS#11 Trusted Application

    University essay from Lunds universitet/Institutionen för elektro- och informationsteknik

    Author : Kevin Zeng; [2022]
    Keywords : Fuzzing; white-box; PKCS#11; OP-TEE; AFL; Open-TEE; TA; Trusted Application; Technology and Engineering;

    Abstract : The main goal of this thesis is to find an effective way to fuzz trusted applications (TAs) with source code residing in trusted execution environment (TEE). While fuzzing TAs has been previously done, no work has been found to utilize the source code of TAs to improve the fuzzing. READ MORE

  5. 4. Fuzzy States : State Discovery with AFL

    University essay from Malmö universitet/Fakulteten för teknik och samhälle (TS)

    Author : Jim Andersson; Fredrik Jeppsson; [2022]
    Keywords : American fuzzy lop; afl; fuzzing; finite state machine; fuzz test; ijon;

    Abstract : Fuzzing is a test method used to automatically generate test case inputs and to executea system under test (SUT) with those inputs. The method is traditionally used to discovercrash-inducing bugs in software. Fuzzing can generate thousands of inputs per secondand many implementations use smart techniques to reach deeply into the code. READ MORE

  6. 5. The Hare, the Tortoise and the Fox : Extending Anti-Fuzzing

    University essay from Blekinge Tekniska Högskola/Institutionen för datavetenskap

    Author : Anton Dewitz; William Olofsson; [2022]
    Keywords : anti-fuzzing; fuzz testing; benchmarking; coverage-accounting; fuzzing; anti-fuzzning; fuzz-testande; benchmarking; täckningsrapportering; fuzzning;

    Abstract : Background. The goal of our master's thesis is to reduce the effectiveness of fuzzers using coverage accounting. The method we chose to carry out our goal is based on how the coverage accounting in TortoiseFuzz rates code paths to find memory corruption bugs. READ MORE