Monday, 10 September 2012
Disassemblers and debuggers are required in order to do reverse engineering and analysis of crashes. These tools include GNU Debugger (GDB), IDA Pro, objdump, WinDbg, Immunity Debugger, OllyDbg, and many others. Fuzzing tools such as Sulley and PacketFu can help to automate the bug discovery process.
Debugger and Dissambler; IDA Pro:
supported processor architectures.
Familarity with a scripting language for instance, Ruby or Python assist a tester saving countless time. It is a requirement that the tester has programming knowledge when performing product security testing as analysis often leads to reverse engineering and exploit writing. Ruby and Python have lead a long way with support for exploit research.
Sniffers are also an essential part of testing, enabling the tester to determine network behavior and perform protocol testing.