Linux.com published an article by CII’s Emily Ratliff, “7 Things to Consider Before Fuzzing a Large Open Source Project.”
Dr. Wheeler recommends, “I’d consider writing a fuzzer specific to the project’s APIs & generate random inputs based on them, and adding lots of assertions that are at least enabled during fuzzing. If you know your API (or can introspect it), creating a specific fuzzer is pretty easy – grab your random number generator, set up an isolated container or VM for the fireworks, and go.”
Read more at Linux.com.
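The approach in the quote above, as an added example that is not from the article or from Dr. Wheeler: an API-specific fuzzer in Python that drives random call sequences against a target whose invariants are asserted on every call. The `BoundedQueue` class, its planted off-by-one and the `fuzz` helper are all hypothetical, constructed here for illustration.

```python
import random

CAPACITY = 4

class BoundedQueue:
    """Hypothetical target API, constructed for this example: fixed-size FIFO."""
    def __init__(self, buggy=False):
        self.buf, self.head, self.size = [None] * CAPACITY, 0, 0
        self.limit = CAPACITY + int(buggy)  # buggy=True plants an off-by-one
    def _check(self):  # invariants, kept enabled while fuzzing
        assert 0 <= self.size <= CAPACITY, "size out of range"
        assert 0 <= self.head < CAPACITY, "head out of range"
    def push(self, item):
        if self.size >= self.limit:
            return False
        self.buf[(self.head + self.size) % CAPACITY] = item
        self.size += 1
        self._check()
        return True
    def pop(self):
        if self.size == 0:
            return None
        item = self.buf[self.head]
        self.head = (self.head + 1) % CAPACITY
        self.size -= 1
        self._check()
        return item

def fuzz(make_target, runs=200, ops_per_run=50, seed=1234):
    """Random call sequences checked against a list model; returns
    (trace, message) for the first failure, or None if every run passes."""
    rng = random.Random(seed)  # fixed seed: a failing campaign can be re-run
    for _ in range(runs):
        target, model, trace = make_target(), [], []
        try:
            for _ in range(ops_per_run):
                if rng.random() < 0.6:
                    item = rng.getrandbits(8)
                    trace.append(("push", item))
                    expected = len(model) < CAPACITY
                    assert target.push(item) == expected, "push differs from model"
                    if expected:
                        model.append(item)
                else:
                    trace.append(("pop", None))
                    expected = model.pop(0) if model else None
                    assert target.pop() == expected, "pop differs from model"
        except AssertionError as exc:
            return trace, str(exc)
    return None
```

Calling `fuzz(lambda: BoundedQueue(buggy=True))` returns the call trace that trips the size invariant, while `fuzz(BoundedQueue)` returns `None`; the trace is what goes into the bug report.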