In this lecture we will be talking about fuzz testing, a process for finding bugs in your code which may also be security vulnerabilities.
If you are using property-based testing with Hypothesis, this means that you are already fuzzing your code. But we aren't going to talk about Hypothesis here, or, at least not much.
We will start with what fuzzing is and where does it come from and then we will learn about Atheris, a coverage guided fuzzer for Python and CPython extensions code. We will look how and what for others use it to see how we can leverage it to test our code better.
Rozłączony zawodowo zajmuje się audytami bezpieczeństwa oprogramowania w Trail of Bits, szukając dziur poprzez manualną analizę działanie kodu, narzędzia do statycznej analizy kodu oraz fuzzery. Poza pracą grywa CTFy z justCatTheFish, reviewuje artykuły w Paged Out! oraz Magazyn Programista, wspina się oraz jeździ na łyżwach.
SpotOn is a software company dedicated to redefining the merchant services industry. SpotOn combines payment processing with customer engagement and business management solutions, giving small and medium businesses the data and tools they need to run and grow their business.
Our tools increase revenue and connect businesses with their customers using rewards, deals, online reviews, website building, and data analytics.
Tools like these were previously only available to big businesses with big bankrolls and their own developers, but our platform caters to neighborhood stores, independent retailers, and other small to midsize businesses. We have our service deployed in many cities across the U.S. and Mexico.
Our technologies - Backend (Python, Golang) - Front end (React) - Mobile development (iOS i Android) - Testing & Designing
Our industries - Restaurants Payment solutions, printers & facilities - Services Booking management systems - Retail & e-commerce Powerful websites