Web applications need for extensive testing before deployment and use, for early detecting security vulnerabilities to improve the quality of the safety of the software, the purpose of this paper is to research the fuzzing applications in security vulnerabilities. This article first introduces the common Web software security vulnerabilities, and then provide a comprehensive overview of the fuzzing technology, and using fuzzing tools Web fuzz to execute a software vulnerability testing, test whether there is a software security hole. Test results prove that fuzzing is suitable for software security vulnerabilities testing, but this methodology applies only to security research field, and in the aspect of software security vulnerabilities detection is still insufficient.
展开▼
