Fuzzers are a category of security testing software that will throw all sorts of random data at a software system looking for flaws that can then be exploited by individual penetration testers. Sort of like throwing a bunch of paint around the room trying to find the invisible man. I found this talk about a PHP Internals Fuzzer from Emmanuel Law compelling for a number of reasons.
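To make the "throw random data at it and watch for flaws" idea concrete, here is an added example of a minimal mutation-based fuzzer. It is not code from the talk or from Phzzer; the target (`parse_record`, a constructed toy parser with a deliberate bounds defect), its patched form, the seed inputs and the mutation strategy are all assumptions made for illustration. The fuzzer mutates seeds, runs the target, treats a `ValueError` as a clean rejection of bad input, and records anything else as a crash worth triaging.

```python
import random
from typing import Callable, Dict, Iterable, Optional, Tuple

# Constructed toy target: format is "<n>;field1;field2;..." where <n> declares
# how many fields follow. The defect is that n is trusted without being checked
# against the number of fields actually present.
def parse_record(data: bytes) -> list:
    parts = data.split(b";")
    n = int(parts[0])                     # ValueError on junk: a clean rejection
    return [parts[1 + i] for i in range(n)]  # IndexError when n > fields present: the bug

# Hardened version: validate the declared count before indexing.
def parse_record_fixed(data: bytes) -> list:
    parts = data.split(b";")
    n = int(parts[0])
    if n < 0 or n > len(parts) - 1:
        raise ValueError("declared field count does not match input")
    return [parts[1 + i] for i in range(n)]

# Constructed seed corpus of well-formed records.
SEEDS = [b"3;a;b;c", b"1;x", b"0;"]

def mutate(data: bytes, rng: random.Random) -> bytes:
    """Apply one random mutation: bit flip, byte overwrite, delete, insert, or chunk duplicate."""
    buf = bytearray(data)
    choice = rng.randrange(5)
    if choice == 0 and buf:                # flip a single bit
        i = rng.randrange(len(buf))
        buf[i] ^= 1 << rng.randrange(8)
    elif choice == 1 and buf:              # overwrite one byte with a random value
        buf[rng.randrange(len(buf))] = rng.randrange(256)
    elif choice == 2 and len(buf) > 1:     # delete one byte
        del buf[rng.randrange(len(buf))]
    elif choice == 3:                      # insert one random byte
        buf.insert(rng.randrange(len(buf) + 1), rng.randrange(256))
    elif buf:                              # duplicate a chunk in place
        start = rng.randrange(len(buf))
        end = rng.randrange(start, len(buf)) + 1
        buf[start:start] = buf[start:end]
    return bytes(buf)

def fuzz(target: Callable[[bytes], object], seeds: Iterable[bytes], iterations: int,
         expected: Tuple[type, ...], rng_seed: int = 0) -> Dict[Tuple[str, str], bytes]:
    """Mutate seeds and run the target. Exceptions in `expected` are treated as the
    target rejecting bad input; any other exception is recorded as a crash, keyed
    by (exception type, message) and mapped to the first input that triggered it."""
    rng = random.Random(rng_seed)          # fixed seed so findings are reproducible
    corpus = list(seeds)
    crashes: Dict[Tuple[str, str], bytes] = {}
    for _ in range(iterations):
        data = rng.choice(corpus)
        for _ in range(rng.randrange(1, 4)):  # stack one to three mutations
            data = mutate(data, rng)
        try:
            target(data)
        except expected:
            continue
        except Exception as exc:
            crashes.setdefault((type(exc).__name__, str(exc)), data)
    return crashes

def reproduce(target: Callable[[bytes], object], data: bytes) -> Optional[str]:
    """Re-run a single input and return the exception type name it raises, or None."""
    try:
        target(data)
    except Exception as exc:
        return type(exc).__name__
    return None

if __name__ == "__main__":
    found = fuzz(parse_record, SEEDS, 2000, (ValueError,), rng_seed=1)
    for (kind, msg), sample in found.items():
        print(f"{kind}: {msg!r} triggered by {sample!r}")
    print("crashes after fix:", len(fuzz(parse_record_fixed, SEEDS, 2000, (ValueError,), rng_seed=1)))
```

The corpus here never grows, so this is a dumb fuzzer; production tools such as AFL add coverage feedback to keep mutated inputs that reach new code, which is what makes them effective against something as large as a language runtime. The triage step matters as much as the generation step: separating expected rejections from genuinely unexpected exceptions is what turns a pile of random inputs into a short list of reproducible defects.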
It’s not a beginner’s talk — you’ll need to connect a lot of dots if you’re new to the topic (or I should say, I had to connect a lot of dots since I was new to the topic) but so little is written about this sort of thing that any information feels like gold in your pan. It’s also interesting to see how someone super accomplished in penetration testing approaches a specific programming language they’re not an expert in.
While the fuzzer Emmanuel created (Phzzer) doesn’t seem to be available online, he outlines the general approach he took to finding a bunch of exploits in early versions of PHP 7, and also namechecks a few other fuzzers (Minerva, LangFuzz, and Malamute) that seem worth checking out.