DATA MINER: Jaanus Kääp - Automated fuzz testing of closed source applications based on the code cov, DATA MINER: TestCon Vilnius 2016 HD
00:36:01
-
DATA MINER: TestCon Vilnius 2016 official aftermovie
DATA MINER 00:02:16 -
DATA MINER: Steve Portch - What is UAT and, more importantly, what it isn’t
DATA MINER 00:47:33 -
DATA MINER: John Clapham - Improving Testing Quality by Changing Culture
DATA MINER 00:42:21 -
DATA MINER: Igor Khrol - Test Automation: Do the Same but Better
DATA MINER 00:41:01 -
DATA MINER: Ard Kramer - Test Flow: Improve Yourself with Mental Training
DATA MINER 00:41:58 -
DATA MINER: Jon Hare-Winton - Freeing up Selenium
DATA MINER 00:38:09 -
DATA MINER: Baris Sarialioglu - Myths & Challenges of Agile Testing
DATA MINER 00:38:41 -
DATA MINER: Vaidas Pilkauskas - Can You Trust Your Tests?
DATA MINER 00:31:03 -
DATA MINER: Ilari Henrik Aegerter - No Such Thing as Manual Testing and Other Confusions
DATA MINER 00:41:27 -
DATA MINER: Nicolae Oprean - Code Review Techniques for Test Automation
DATA MINER 00:40:37 -
DATA MINER: Dan Cuellar - Appium: An Open Source Software Success Story
DATA MINER 00:38:49 -
DATA MINER: Aleksandr Kublickij - Big Data: From Testing to Governance
DATA MINER 00:27:39 -
DATA MINER: Shai Yallin - TDD: Cultivating a Beginner’s Mind
DATA MINER 00:47:50 -
DATA MINER: Isabelle Robrechts - Test Metrics – a thread or a threat
DATA MINER 00:39:04 -
DATA MINER: Nicholas Hjelmberg - Learning testing through gaming
DATA MINER 00:33:44 -
DATA MINER: Roland van Leusden - Performance Testing and Big Data
DATA MINER 00:39:46 -
DATA MINER: Jaanus Kääp - Automated fuzz testing of closed source applications based on the code cov
DATA MINER 00:36:01 -
DATA MINER: Bas Dijkstra - Deploy and Destroy Complete Test Environments:
DATA MINER 00:39:35 -
DATA MINER: Gerlof Hoekstra - The test report is dead, long live information!
DATA MINER 00:34:09 -
DATA MINER: Ewald Roodenrijs - The Real Cloud Testing Story
DATA MINER 00:32:47 -
DATA MINER: David Evans - The Pillars of Agile Testing
DATA MINER 00:51:32
DATA MINER 239 роликов
94 просмотра на сайте 12n.ru
Jaanus Kääp - Automated fuzz testing of closed source applications based on the code cov.
TestCon Vilnius 2016. Software Testing & QA Conference. October 21, 2016 | Automated fuzz testing of closed source applications based on the code coverage (corpus distillation)With constantly improving development environments and software, it should become harder and harder to find new security issues without diving very deep into the implementation or inventing new fuzzing techniques. But reality is not reflecting this assumption. With zero knowledge of the protocol/format, the attacker can often find new issues by simple method like bit flipping combined with smart file selection. And this works even against largest vendors!That simple method was used by the author of this talk, to find tens of vulnerabilities in many document readers (by vendors like Adobe, Apple, Microsoft etc) without any knowledge in file formats themselves and minimal resources. The talk focuses on the method and the tool development for such vulnerability research.
развернуть свернуть