尽管模糊测试通常需要一些手动编码,但还有一些工具能提供帮助。
Although fuzz testing usually requires some manual coding, there are tools that can help.
由模糊测试导致的许多故障都是内存分配错误及缓冲器溢出的直接结果。
Many of the crashes resulting from fuzz testing are direct results of memory allocation mistakes and buffer overflows.
为了解决测试团队这方面知识的缺乏,贯穿测试和模糊测试这样的工具逐渐流行起来。
To address this lack of knowledge in the test team, tools such as penetration testing and fuzzing are becoming popular.
模糊测试能够说明bug在程序中的出现。
Fuzz testing can demonstrate the presence of bugs in a program.
建立了随机模糊测试系统的模型。
The model of the stochastic fuzzy testing system is constructed.
模糊测试是一项简单的技术,但它却能揭示出程序中的重要bug。
Fuzz testing is a simple technique, but it can nonetheless reveal important bugs in your programs.
幸运的是,很容易在Web应用程序中检测这一点,您可以应用一种模糊测试。
Fortunately, this is easy to detect in Web apps; you can literally apply a fuzzy test.
如 AppleScript或Perl脚本语言通常是编写模糊测试的最佳选择。
Scripting languages like AppleScript or Perl are often the best choice for writing this part of the fuzz test.
可以手动进行初始化测试,但要想达到最佳的效果则确实需要采用自动化模糊测试。
While you can do initial tests manually, you should really automate fuzzing for maximum effect.
如果模糊测试揭示出程序中的bug,就应该进行修正,而不是当bug随机出现时再对付它们。
If fuzz testing does reveal bugs in your programs, you should fix them.
在模糊测试中,用随机坏数据(也称做fuzz)攻击一个程序,然后等着观察哪里遭到了破坏。
In fuzz testing, you attack a program with random bad data (aka fuzz), then wait to see what breaks.
如果您用24小时对程序进行模糊测试而其依然无事,那么随后同种类型的攻击就不大可能再危及到它。
If you've fuzzed your program for 24 hours and it's still standing, then it's unlikely that further attacks of the same sort will compromise it.
我常愿意在开始的几个字节后面启动模糊测试,因为程序似乎更可能注意到早期的错误而不是后面的错误。
I usually like to start fuzzing somewhere after the first few bytes because programs seem more likely to notice an early mistake than a later one.
为了解决测试团队这方面知识的缺乏,贯穿测试和模糊测试这样的工具逐渐流行起来,用作软件安全性的开发。
To combat this lack of knowledge within the test organization, tools such as penetration test and fuzz test have become popular weapons in the ongoing fight against software security exploitation.
但是如果选择了特定的域类(比如customer类),并测试了它的错误处理方面,那么就会有模糊测试目的的可能性。
But if you picked a specific domain class (say the Customer class) and tested the error handling aspect against it, you would risk muddying the intent of your test.
模糊测试是一项用于验证程序中真实错误的重要工具,也是所有意识到安全性问题且着力于程序健壮性的程序员们的工具箱中所必备的工具。
Fuzz testing is a crucial tool for identifying real errors in programs, and one that all security-aware and robustness-oriented programmers should have in their toolboxes.
它的概念模糊而不可测试,但却被认为是公理而无懈可击。
Its concepts are woolly and untestable, yet are regarded as unassailable axioms.
一种最简单的方式就是应用“模糊”测试。
它被设计用于模糊而迅速地更改要求,提倡较短的开发周期以便最大程度地学习,并要求持续测试和重编代码以确保其正确性。
It is designed for vague and rapidly changing requirements, advocates short development cycles to maximize learning, and requires constant testing and refactoring of code to ensure its correctness.
根据过去的经验,我们知道通过模糊的需求定义,特性和系统缺陷会大量出现在测试结果里。
Based on past experience, we knew that most feature and system defects we discovered in testing resulted from ambiguous requirement definitions.
两级测试的界限是模糊的,并导致责任的间隙没有传达清楚。
The line between the two levels of testing can be blurry, and result in gaps if responsibilities are not clearly communicated.
当测试一个抵御模糊攻击的应用程序时,不可能做纯黑盒测试,但通过一些明显的修改,基本的想法还是可以应用的。
When you're testing a fuzz-resistant application, you can't do pure blackbox testing, but with some obvious modifications, the basic ideas still apply.
让程序员们在阅读一个文件时测试每一个字节和每一个不变量似乎是无望的——但不这样做就会使程序易被模糊攻击。
Asking programmers to test each byte and every invariant when reading a file seems hopeless — but failing to do so leaves your programs vulnerable to fuzz.
在这款程序里,一组模糊的线条,也就是人们所熟知的Gabor patches测试条会出现在屏幕。当某一个出现在屏幕中心时,用户要立刻识别出来。
In the new app, groups of blurry lines known as Gabor patches appear at several points across the screen and the user must identify when one appears in the centre.
将产生式知识表示法和模糊模式识别方法用于晶闸管整流装置内阻测试系统的自检,组成了一个诊断专家系统。
An expert diagnosis system is designed for self checking of the inherent resistance test system of SCR device with representation of production knowledge and fuzzy pattern recognition.
本文提出了一种应用于汽车发动机测试台架的模糊pid控制器,这种PID控制器优点在于PID参数可在线自整定。
This paper introduces a new fuzzy PID controller which can be used in the automotive engine test bench, the advantage of this PID cont roller lies in the online self-tuning function of PID parameter.
基于机器微视觉的MEMS动态测试系统,利用模糊图像合成技术对MEMS的平面微运动特性参数进行提取和分析。
Based on machine micro-vision dynamic testing system for MEMS, the technique of blur image synthesis is presented to exact and analyze in-plane motion characteristic of MEMS devices.
针对汽车发动机电子点火模块输出波形的特点,提出一种新的基于模糊模式识别的汽车发动机电子点火模块性能测试方法,并系统地讨论了该方法的具体实现技术。
Aiming at the output waves features of electronic ignition blocks using to automobile engines, in this paper a new method based on fuzzy pattern recognition is put forward, and is realized.
基于这种模糊控制关系和模糊推理规则,得到了被测软件通过测试的标准值,使测试通过的判定得以量化;
The standard value of the tested software to pass the test was then obtained from the fuzzy control relation and fuzzy inference rules, thus quantifying the judgment for software to pass the test.
基于这种模糊控制关系和模糊推理规则,得到了被测软件通过测试的标准值,使测试通过的判定得以量化;
The standard value of the tested software to pass the test was then obtained from the fuzzy control relation and fuzzy inference rules, thus quantifying the judgment for software to pass the test.
应用推荐