Sökning: "Fuzzer"

Visar resultat 1 - 5 av 16 uppsatser innehållade ordet Fuzzer.

  1. 1. KARTAL: Web Application Vulnerability Hunting Using Large Language Models : Novel method for detecting logical vulnerabilities in web applications with finetuned Large Language Models

    Master-uppsats, KTH/Skolan för elektroteknik och datavetenskap (EECS)

    Författare :Sinan Sakaoglu; [2023]
    Nyckelord :Broken Access Control; Vulnerability; Large Language Models; Web Application; API; Detection; Scanner; DAST; Application Security; Brutet åtkomstkontroll; Sårbarhet; Stora språkmodeller; Webbapplikation; API; Upptäckt; Skanner; DAST; Applikationssäkerhet;

    Sammanfattning : Broken Access Control is the most serious web application security risk as published by Open Worldwide Application Security Project (OWASP). This category has highly complex vulnerabilities such as Broken Object Level Authorization (BOLA) and Exposure of Sensitive Information. LÄS MER

  3. 2. GONet: Gradient Oriented Fuzzing for Stateful Network Protocol : Improving and Evaluating Fuzzing Efficiency of Stateful Protocol by Mutating Based on Gradient Information

    Master-uppsats, KTH/Skolan för elektroteknik och datavetenskap (EECS)

    Författare :Quanyu Tao; [2023]
    Nyckelord :Fuzzing; Stateful Protocol; Gradient Oriented; Neural Network;

    Sammanfattning : Network protocol plays a crucial role in supporting a wide range of critical services, of which robustness and reliability are vital. Fuzzing, or fuzz testing, serves as an effective technique to uncover vulnerabilities in software programs. However, fuzzing becomes more complicated when dealing with network protocols due to their massive state. LÄS MER

  4. 3. Fuzzing of PKCS#11 Trusted Application

    Master-uppsats, Lunds universitet/Institutionen för elektro- och informationsteknik

    Författare :Kevin Zeng; [2022]
    Nyckelord :Fuzzing; white-box; PKCS#11; OP-TEE; AFL; Open-TEE; TA; Trusted Application; Technology and Engineering;

    Sammanfattning : The main goal of this thesis is to find an effective way to fuzz trusted applications (TAs) with source code residing in trusted execution environment (TEE). While fuzzing TAs has been previously done, no work has been found to utilize the source code of TAs to improve the fuzzing. LÄS MER

  5. 4. Fuzzy States : State Discovery with AFL

    Kandidat-uppsats, Malmö universitet/Fakulteten för teknik och samhälle (TS)

    Författare :Jim Andersson; Fredrik Jeppsson; [2022]
    Nyckelord :American fuzzy lop; afl; fuzzing; finite state machine; fuzz test; ijon;

    Sammanfattning : Fuzzing is a test method used to automatically generate test case inputs and to executea system under test (SUT) with those inputs. The method is traditionally used to discovercrash-inducing bugs in software. Fuzzing can generate thousands of inputs per secondand many implementations use smart techniques to reach deeply into the code. LÄS MER

  7. 5. The Hare, the Tortoise and the Fox : Extending Anti-Fuzzing

    Uppsats för yrkesexamina på avancerad nivå, Blekinge Tekniska Högskola/Institutionen för datavetenskap

    Författare :Anton Dewitz; William Olofsson; [2022]
    Nyckelord :anti-fuzzing; fuzz testing; benchmarking; coverage-accounting; fuzzing; anti-fuzzning; fuzz-testande; benchmarking; täckningsrapportering; fuzzning;

    Sammanfattning : Background. The goal of our master's thesis is to reduce the effectiveness of fuzzers using coverage accounting. The method we chose to carry out our goal is based on how the coverage accounting in TortoiseFuzz rates code paths to find memory corruption bugs. LÄS MER