In the last post we discussed RASP, one of the application security testing techniques, along with its functionality, importance and methods. Today we will discuss another lesser-known technique used in application security testing: FAST (Feedback-Based Application Security Testing), also known as Fuzzing Application Security Testing.
The dynamic approach (DAST) is commonly used to test and filter out the warnings produced by SAST, increasing the accuracy of application security testing. Instrumentation allows DAST-like confirmation of exploit success, improves performance, and gives SAST-like coverage of the application's source code. IAST (Interactive Application Security Testing) is a hybrid of the two, combining the benefits of SAST and DAST.
DAST solutions and black-box testing in general have low code coverage, as they rely on random, pattern-based or brute-force approaches to generate inputs and test cases.
FAST employs feedback-based fuzzing techniques, instrumenting the software under test to identify vulnerabilities and bugs; it can be complemented by reverse engineering. During the fuzzing process, random inputs are “sent” to the software under test while its behavior is monitored, until a crash is triggered. The input that caused the crash is then recorded and analyzed to derive information that can be used to exploit the bug in the application.
The fuzzer gets feedback about the code covered when executing each input, allowing the mutation engine to measure the quality of that input. At the core of the mutation engine are genetic algorithms that use code coverage as the fitness function to be optimized. Generated inputs that reach new code paths, maximizing code coverage and thus increasing the probability of triggering bugs, are prioritized and used as the basis for the next batch of mutations.
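The feedback loop described in the two paragraphs above, as an added, self-contained example that is not code from the original post or from any of the fuzzers it names: a toy coverage-guided fuzzer in Python. It uses sys.settrace as the instrumentation, a constructed record parser with a trusted length field (`parse_record`) as the target, and treats every newly covered line as the fitness signal; `parse_record`, `fuzz`, `mutate` and the all-zero seed are all constructed for this example.

```python
import random, sys
def parse_record(data: bytes) -> int:
    # Constructed target: 'FZ' magic, one length byte, then the payload. The bug:
    # the length byte is trusted, so a length past the payload reads beyond it.
    if len(data) < 3 or data[0] != 0x46:  # 'F'
        return 0
    if data[1] != 0x5A:                   # 'Z'
        return 1
    length, payload, checksum = data[2], data[3:3 + data[2]], 0
    for i in range(length):
        checksum ^= payload[i]            # IndexError when length > len(payload)
    return checksum
def run_with_coverage(func, data):
    # Instrumentation: run func(data) under sys.settrace and record which lines
    # of func executed. Returns (set of line numbers hit, crashed).
    hit = set()
    def tracer(frame, event, arg):
        if event == "line" and frame.f_code is func.__code__:
            hit.add(frame.f_lineno)
        return tracer
    sys.settrace(tracer)
    try:
        func(data)
    except Exception:                     # any uncaught exception counts as a crash
        return hit, True
    finally:
        sys.settrace(None)
    return hit, False
def mutate(data, rng):
    # One random byte-level mutation per child (real fuzzers stack several).
    buf, pos = bytearray(data), rng.randrange(len(data) + 1)
    if pos == len(buf) or rng.random() < 0.5:  # insert (only option past the end)
        buf.insert(pos, rng.randrange(256))
    else:                                     # overwrite a byte in place
        buf[pos] = rng.randrange(256)
    return bytes(buf)
def fuzz(func, seed, iterations=50000, feedback=True, rng_seed=1):
    # Coverage-guided loop: a child that hits a line never seen before joins the
    # corpus as a parent for later mutations; feedback=False is blind fuzzing.
    rng, corpus = random.Random(rng_seed), [seed]
    seen, _ = run_with_coverage(func, seed)
    for _ in range(iterations):
        child = mutate(rng.choice(corpus), rng)
        hit, crashed = run_with_coverage(func, child)
        if crashed:
            return child                  # crashing input, recorded for triage
        if feedback and not hit <= seen:  # new code path: keep it as a parent
            seen |= hit
            corpus.append(child)
    return None                           # budget exhausted without a crash
```

Starting from the seed `b"\x00\x00\x00"`, the guided run finds a crashing `FZ` record in a few thousand iterations because each magic byte is rewarded as soon as it unlocks a new line, while the blind run (`feedback=False`) never gets there since no single mutation of the seed satisfies both magic checks at once.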
Google, for example, already uses modern fuzzing technology to automatically test its code for vulnerabilities. As of January 2021, OSS-Fuzz had discovered over 25,000 bugs in 375 open-source projects.
Despite these enormous advances, the full potential of FAST has barely been explored. Apart from genetic algorithms that optimize code coverage, a wealth of other techniques can be used to significantly improve the effectiveness of DAST and of current FAST fuzzers such as libFuzzer, AFL and honggfuzz.