1. Vulnerability Discovery Methodologies
“Will the highways of the Internet become more few?”
—George W. Bush, Concord, N.H., January 29, 2000
Ask any accomplished security researcher how he discovers vulnerabilities and you’re likely to get a multitude of answers. Why? There are a variety of approaches, each with its own advantages and disadvantages. No one approach is correct and no single method can uncover all possible vulnerabilities for a given target. At a high level, there are three primary approaches to discovering security vulnerabilities: white box, black box, and gray box testing. The differences among these approaches can be determined by the resources to which you, as the tester, have access. At one extreme, the white ...