What's the difference between fuzzing and blackbox testing? Someone said fuzzing could be divided into two kinds: one is based on mutation, one is based on generation. Which kind is Peach?
Blackbox testing is considered testing with typically zero knowledge about
the system. For example, you might know the URL to a web application, but
nothing else. Blackbox testing is typically considered closest to what an
attacker would see.
Whitebox testing is the opposite of this, where you are usually given access
to developers, source code, documentation, typically also accounts with
different access levels, etc.
There is also a semi-popular mixture of the two called "graybox" that mixes
both up.
The black/white/gray box stuff can be applied to many types of security
work, such as fuzzing, network penetration testing, application security
reviews, etc. My typical view is that a whitebox/graybox gives you the most
ROI (return on investment) since the security consultant is given the most
information up front and doesn't have to spend a lot of time "Breaking in"
to see the inside of things. Also, exposure of error paths, and backend
systems. On most security engagements that I have performed over the years
(many hundreds of application security reviews), I typically find at least
20% more issues in white/gray box than in blackbox.
As for mutational vs. generational fuzzing, Peach is a mixture of both.
mike
From: peachfuzz@googlegroups.com [mailto:peachfuzz@googlegroups.com] On
Behalf Of zhiyong wu
Sent: Saturday, May 30, 2009 5:38 AM
To: peachfuzz@googlegroups.com
Subject: [Peach] other questions
What's the difference between fuzzing and blackbox testing?
Someone said fuzzing could be divided into two kinds: one is based on
mutation, one is based on generation. Which kind is Peach?
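The mutation versus generation distinction asked about above, as an added illustration that is not part of the thread and is not Peach's code: a constructed toy format with a length and a checksum field, fuzzed by blind mutation, by generation from a format model, and by one possible mixture of the two. The format and every function name are assumptions made for this example.

```python
import random

MAGIC = b"PF"  # constructed toy format: magic(2) | length(1) | payload | checksum(1)

def build(payload: bytes) -> bytes:
    """Format model: emit a message whose length and checksum fields are consistent."""
    return MAGIC + bytes([len(payload)]) + payload + bytes([sum(payload) % 256])

def parse(msg: bytes) -> str:
    """Toy target parser; returns the stage at which it stopped."""
    if len(msg) < 4 or msg[:2] != MAGIC:
        return "bad-magic"
    payload = msg[3:-1]
    if msg[2] != len(payload):
        return "bad-length"
    if msg[-1] != sum(payload) % 256:
        return "bad-checksum"
    return "payload"  # deepest stage: payload-handling code would run here

def mutate(data: bytes, rng: random.Random) -> bytes:
    """Mutation-based: flip one random bit, with no knowledge of the format."""
    buf = bytearray(data)
    buf[rng.randrange(len(buf))] ^= 1 << rng.randrange(8)
    return bytes(buf)

def generate(rng: random.Random) -> bytes:
    """Generation-based: create a message from the model using boundary payload sizes."""
    size = rng.choice([0, 1, 127, 128, 255])
    return build(bytes(rng.randrange(256) for _ in range(size)))

def hybrid(payload: bytes, rng: random.Random) -> bytes:
    """Mixture: mutate a sample payload, then let the model fix up length and checksum."""
    return build(mutate(payload, rng))

def stages(cases) -> dict:
    """Count how deep into the parser each test case got."""
    counts = {"bad-magic": 0, "bad-length": 0, "bad-checksum": 0, "payload": 0}
    for case in cases:
        counts[parse(case)] += 1
    return counts

def run(n: int = 500, seed: int = 1):
    rng = random.Random(seed)
    sample = build(b"hello")  # constructed valid sample message
    return (stages(mutate(sample, rng) for _ in range(n)),
            stages(generate(rng) for _ in range(n)),
            stages(hybrid(b"hello", rng) for _ in range(n)))

if __name__ == "__main__":
    for name, result in zip(("mutation", "generation", "hybrid"), run()):
        print(name, result)
```

Every single-bit mutation of the sample is rejected at the magic, length or checksum check, while the generated and hybrid cases all reach the payload stage because the model recomputes the dependent fields.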
thanks:
I told my classmates that Peach is the most powerful fuzzing tool, they
asked me why.
Actually I can't tell them cleanly in theory, then I checked some books,
for example:
Fuzzing: Brute Force Vulnerability Discovery. The book also admitted that
Peach is advanced in theory, but it did not put much attention on Peach and
said little about Peach. In my opinion, Peach is flexible, reusable,
extensible, could run in parallel by agents, could monitor distributed
programs (not sure about this one, but I told them surely), could fuzz deeply
based on a state model, has a general XML interface, and so on.
Can you give me some materials that describe your theory? If I can't understand,
I will ask you again.
best regards;
a joke about you.
we argued about why it is called peach.
one of my classmates guessed that it is because mike is fat and has a fat stomach;
until today I guessed that peach is fuzzy, and sulley is fuzzy too. am I
right?
thank you again for your kind and quick response, actually, many of my
students are interested in your response.
best regards;
2009/5/31 Michael Eddington <medding...@gmail.com>
Thanks :) Peach is named due to "Peach Fuzz", the little hairs on peaches.
Thanks for that goes to Spoonm, a security researcher who I worked with years
ago when I first developed Peach.
I'm not sure if I have any proper written materials that really go into
depth about Peach. I probably should :) Mostly I have a large quantity of
slide decks, but that is not really helpful in this case I would guess.
mike
From: peachfuzz@googlegroups.com [mailto:peachfuzz@googlegroups.com] On
Behalf Of zhiyong wu
Sent: Wednesday, June 03, 2009 2:25 AM
To: peachfuzz@googlegroups.com
Subject: [Peach] Re: other questions