« Zero-day sales not "fair" -- to researchers | Main | OFFTOPIC: Selling some application firewall domain names »

Google Home-brews Powerful Automatic Scanning Fuzzer

"Google's security team is home-brewing a powerful combination scanner and fuzzing tool that experts say will be unique outside of the commercial domain. In a posting on the Google security team's blog, Srinath Anantharaju said on July 16 that the security team has been working on a black-box fuzzing tool called Lemon, in the spirit of the word as it's used to denote defective products. Fuzz testing, or fuzzing, is a black-box software testing technique in which malformed data is injected automatically to find implementation bugs in code. In particular, Google is targeting XSS (cross-site scripting) bugs, according to Anantharaju."

Article Link: http://www.channelinsider.com/article/Google+Homebrews+Powerful+Automatic+Scanning+Fuzzer/211797_1.aspx


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!