This document discusses fuzz testing using the FuzzGuru framework at Microsoft. It provides an overview of fuzz testing, describes the FuzzGuru architecture which includes tools for designing fuzz tests, running experiments, and investigating results. It also addresses common questions about fuzz testing and outlines the process for designing fuzz tests including creating schemas and test cases to target specific code paths.
Drupal & Continous Integration - SF State Study CaseEmanuele Quinto
HigherEd Drupal Summit @ BADCamp 2011 (http://2011.badcamp.net/higher-education-drupal-summit)
Cal State San Francisco will talk about how they implemented their drupal development cycle process based on continuous integration and QuickBuild.
Fuzzing is a software testing technique that involves providing invalid, unexpected, or random data to the inputs of a computer program. The presentation covers types of fuzzers and describes how they work. We will write and run a real fuzzer. Also it shows how fuzzers can guess correct CRC checksums, help with regression testing and find logical bugs in programs. Finally, it summarizes fuzzing usage at Google.
Drupal & Continous Integration - SF State Study CaseEmanuele Quinto
HigherEd Drupal Summit @ BADCamp 2011 (http://2011.badcamp.net/higher-education-drupal-summit)
Cal State San Francisco will talk about how they implemented their drupal development cycle process based on continuous integration and QuickBuild.
Fuzzing is a software testing technique that involves providing invalid, unexpected, or random data to the inputs of a computer program. The presentation covers types of fuzzers and describes how they work. We will write and run a real fuzzer. Also it shows how fuzzers can guess correct CRC checksums, help with regression testing and find logical bugs in programs. Finally, it summarizes fuzzing usage at Google.
Parasoft delivers a complete framework to create, manage, and extract greater value from unit tests. We help you exercise and test an incomplete system—enabling you to identify problems when they are least difficult, costly, and time-consuming to fix. This reduces the length and cost of downstream processes such as debugging. Moreover, since all tests are written at the unit level, the test suite can be run independent of the complete system. This allows you to isolate code behavior changes, reduces setup complexities, and makes it practical to execute the test suite on a daily basis.
5/13/13 presentation to Austin DevOps Meetup Group, describing our system for deploying 15 websites and supporting services in multiple languages to bare redhat 6 VMs. All system-wide software is installed using RPMs, and all application software is installed using GIT or Tarball.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!SOFTTECHHUB
As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Epistemic Interaction - tuning interfaces to provide information for AI support
Owasp Il 7 Fuzz Guru
1. Fuzzing in Microsoft and
FuzzGuru framework
John Neystadt
OWASP-IL
jney@microsoft.com
May-2007
Lead Program Manager
Forefront Edge, Microsoft
2. Agenda
• Overview
– Introduction to Fuzzing
– FuzzGuru Architecture
– Demo
• Testing
– Designing Fuzzing Test
– Preparation for Fuzz Testing
– Performing Fuzz Testing
– Completing Fuzzing Coverage
– Fuzzing in ISA
2
3. Introduction to Fuzzing
• Tired of Code Reviews?
– Fuzz testing is about automatic testing of
malformed input handling
– Fuzzing Target is code, not data. Its white
box testing - no need to exhaust all data
combinations, that code doesn’t
distinguish
– In the past dumb fuzzing was made to
randomly corrupt bits of data., This
penetrates only top data handling layers,
since something basic (checksum, first
fields) would be broken and inner code
paths wouldn’t be reached
– Smart is about systematic testing of all
code paths that process data. Corrupt
fields one by one, preserving general
validity of the packet (Content-Length,
Checksums, Base64 encoding, etc)
3
4. Case for Fuzzing
• Over 70% of security vulnerabilities Microsoft
patched in 2006 were found by fuzzing
• Many open-source tools and some commercial
products that do fuzzing of specific protocols or
formats are available
• SDL - Microsoft Security Development Lifecycle
– Internal “security” bible mandatory for all Microsoft
teams
– Mandates fuzzing for Files, RPC, DCOM, Network,
ActiveXs as part of product development lifecycle
4
5. What I wanted to know about
Fuzzing, but didn’t dare to ask
• Fuzzing finds Access Violations and Buffer Overruns, not
functional problems
• Fuzzing requests usually fail, since they are malformed
• Often fuzzing bugs are in clean-up code paths: leaks,
synchronization and timing issues.
• Fuzz both client and server code – simulating malicious
server has high chance of finding bugs!
• If a bug happens when two independently fields are
malformed, FuzzGuru will not find it
• Both C++ and C# (or Java) code should be fuzzed if it
processes data from untrusted source
5
6. FuzzGuru Architecture
FuzzGuru Development Framework
Development Guide Schema Editor Simulator
+Getting Started +Define Data Schema() +Validate Schema Correctness()
+SDK +Define Fuzzing Test Cases() +Validate Template Parsing()
+Samples +Import XML XSDs() +Simulate Fuzzing()
Fuzzing Stress Framework
1. learn 2. define schema 4. simulate Fuzzing Experiment Configuration Editor
5. create fuzzing experiment configuration +Define Fuzzing Experiments()
Input Templates
3. prepare templates
+Valid files
6. run manual test
+Network captures
+Generated by test tool
2.1 reuse existing schemas
Command Line (fgcmd.exe) Fuzzing Experiment Runner GUI
Ready Fuzzing Schemas
+Run Experiment() +Run in GUI()
7. develop automation
HTTP +Trace to DBMON() +View Traces in GUI()
GZIP
Test Owner «datatype»
SMTP
Fuzzing Experiments
FTP use as command line
8. investigate the results
DNS +File Fuzzer (using fuzzing schema)
SOCKS +XML Fuzzer (using XSD schema)
9. extend the framework
MIME +TCP/UDP Clients/Servers
+TCP / UDP Man-in-the-middle (Redirector)
Test Automation +Custom (implemented by user)
+Run Fuzzing Stress()
Scripts or Test Harness
+Repro Bugs()
implement custom experiments +Provide Traces()
Investigate the results
+Fuzzing Traces
«uses»
Custom Test Tools
+Code Coverage Analysis
+Update Test Coverage use fuzzing API from test code
Data Fuzzing Framework
Extensibility Interfaces Fuzzing API
«datatype»
«datatype» «datatype» «datatype»
Fuzzers
Data Elements Encoders Relations
+String
+String (ANSI, Unicode) +Unicode (UTF*) / Windows Char Set +Presence
+Numeric
+Binary Data +Base 64 +Buffer / Length
+Numeric String
+Grouping Elements +Special XML Encoder +Group / Count
+Unicode-specific
+XML +Custom (implemented by user) +Custom (implemented by user)
+XML
+Custom (implemented by user)
+Group Fuzzers
+Custom Fuzzers
6
7. Designing Fuzzing Test
• Fuzzing a protocol - create schema or customize a ready one
– Define schema for parts of the protocol, need to be fuzzed
– More later
• Defining fuzzing Test Cases
– Fuzzing Test Cases choose a subset of schema (elements and fuzzers) to be applied for
relevant scenario
– FuzzGuru command line tool gets test case id as parameter
– FuzzGuru API requires test case id to generate malformed packets
– Test Case can be used for focused fuzzing to test specific fixes
• Create fuzzing Templates
– Obtain real world data captures or generated by test programmatically
– Templates are “equivalence classes”, choose minimum number to cover all your scenarios
– Template must adhere to schema, you can use placeholder elements in schema to skip
irrelevant parts
• Use FuzzGuru GUI Simulator to verify test cases and templates
– Verify template is parsed correctly
– See which fuzzers are chosen (simulator trace)
– Inspect output to inspect malformed requests
7
8. Manual or Automated
Fuzz Testing
• FuzzGuru Experiments – ready tools for common fuzzing scenarios
– Gets schema, mutation template and test case name
– Ready tcp/udp server/client, man-in-the middle redirector, file, xml modes
– Extensive - can develop custom experiments
– Generates “stress” of upto 500 tcp cps or 11,000 udp packets
– Supports recording/playback of repro buffer
– Generates perf counters
– Writes fuzzing traces to dbmon
• Manual Test Running (GUI)
– Define Experiment Configuration (FuzzGuru GUI, Tools | Experiment Configuration Editor)
– Run experiments interactively (FuzzGuru GUI, Tools | Experiment Runner)
• Scriptable Automation
– Define Experiment Configuration (FuzzGuru GUI, Tools | Experiment Configuration Editor)
– Call experiments from command line interface (fgcmd.exe)
• Integrate into your own test tools
– Call DataFuzzer APIs from your own test tool, providing it schema, mutation template and
test case name
8
9. Demo
• Run BinUrt2DemoApp.exe
• Run HTTP Server Attack Demo
– See DemoReadme.mhtml => Part2 for instructions
• Results (5 minutes each run):
Iterations
Scenario Bugs found Test Cases
coverage
6500 24%
Dumb Fuzzing without template 0 out of 4
Dumb Fuzzing with template 11000 2 from 4 56%
(hits: 0, 0, 2, 10)
700 (slow ) 2 from 4
Fuzzing with HTTP Demo 80%
Schema without template (hits: 0, 0, 4, 8)
10200
Fuzzing with HTTP Demo 4 from 4 100%
Schema with one template (valid) (hits: 1, 7, 64, 143)
9
10. Completing Fuzzing Coverage
(Code Coverage)
• After running a fuzzing test for a first round it is important to inspect whether all code
paths were covered
• Magellan Code Coverage tool set is recommended
• You should not hunt the numbers, rather review all uncovered code paths
– Fuzzing should traverse to all branches that depend on untrusted data
– All parsing code should be covered
– All error handling and cleanup code should be covered
• Note: If there is no code to handle malformed data exist, Code Coverage will not help
you!
• To add coverage, you may need:
– Extend test matrix and fuzzing tests additional configurations of the feature
– Add additional fuzzing templates
– Extend FuzzGuru with custom fuzzers or elements
• Metrics
– Expected to reach 75-85% code coverage of parsers code blocks
– Per fuzzed DLL: fuzzing usually adds 3%-6% blocks and 3%-8% arcs additional coverage to
compared to stress
– Per fuzzed source file: fuzzing usually significantly adds the coverage of ~13%.
– Per fuzzed function: fuzzing usually significantly adds the coverage of over 17%.
10