2015-8-25 - HackMD

--- hackpadID: b9K86zwQGtX hackpadWorkspace: tossug tags: hackpad-import, tossug --- # 2015-8-25 [](http://www.tossug.org)http://www.tossug.org @ [](https://moztw.org/space/)https://moztw.org/space/ ## 現場轉播 [](http://bit.ly/moztw-vidyo-watch)http://bit.ly/moztw-vidyo-watch ## 投影片 [](http://nth10sd.github.io/2015-Fuzzing-and-Mozilla/?lang=zh-TW)http://nth10sd.github.io/2015-Fuzzing-and-Mozilla/?lang=zh-TW ## 模糊測試與 MOZILLA:2015 **模糊測試（fuzz testing, fuzzing）** * [](https://zh.wikipedia.org/wiki/%E6%A8%A1%E7%B3%8A%E6%B5%8B%E8%AF%95)https://[zh.wikipedia.org/wiki](https://www.wikiwand.com/zh-tw/%E6%A8%A1%E7%B3%8A%E6%B5%8B%E8%AF%95)/%E6%A8%A1%E7%B3%8A%E6%B5%8B%E8%AF%95 **模糊測試工具目錄** 1. mangleme 1. [](http://freecode.com/projects/mangleme)http://freecode.com/projects/mangleme 2. jsfunfuzz 1. [](https://github.com/MozillaSecurity/funfuzz/blob/master/js/jsfunfuzz/README.md)https://github.com/MozillaSecurity/funfuzz/blob/master/js/jsfunfuzz/README.md 3. DOMFuzz 4. LangFuzz 5. Peach 6. American Fuzz Lop 7. Dharma **動態分析工具** 1. address Sanitizer (ASan) 2. Thread Sanitizer (TSan) 3. Leak Sanitizer (LSan) 4. Valgrind