Wednesday, March 14, 2012

Impressions: Fuzzing

Fuzzing by Michael Sutton, Adam Greene and Pedram Amini struck me as a good overview of many types of fuzzing techniques. If you read the Amazon.com reviews, particularly the verdict by Chris Gates, you'll see what I mean. For my purposes, the degree to which the authors covered the material was just right. If you're more in the trenches with this topic, you would probably want more from a book on fuzzing.

I liked the following aspects of the book: integration of history, real examples, diversity of approaches, case studies, and examples. I thought the book was easy to read and well presented. Paired with more specific, newer books on finding vulnerabilities, I think Fuzzing is a winner.

My only real dislike involved the quotes by former US President George W. Bush at the start of each chapter. I thought they were irrelevant and a distraction.

5 comments:

Anonymous said...

Amazon says this book is five years old. Is that the right one, or did you read an early copy of a new edition?

Richard Bejtlich said...

Yes, that's the right one. I did not read a preview of a new edition.

Lynn said...

Thanks for the info, will have to check it out!

Anonymous said...

The 2011 Verizon Data Breach and IBM Xforce reports were both released today. Looking forward to your comments.

Pedram Amini said...

Thanks for the review! The W quotes was the most fun part of the book for me. You must have missed my dedication ;-)

http://my.safaribooksonline.com/9780321446114/copyrightpg?portal=oreilly#X2ludGVybmFsX1ByaW50RmlkZWxpdHk/eG1saWQ9OTc4MDMyMTQ0NjExNC9jb3B5cmlnaHRwZyZpbWFnZXBhZ2U9dg==

-pedram