一些摘录 1.2 Common Techniques
2013-07-05
Although no formal documentation exists that describes the standard bug-hunting process, common techniques do exist. These techniques can be split into 2 categories: static and dynamic.
In static analysis, also referred to as static code analysis, the source code of the software, or the disassembly of a binary, is examined but not executed.
Dynamic analysis, on the other hand, involves debugging or fuzzing the target software while it's executing.
Both techniques have pros and cons, and most bug hunters use a combination of static and dynamic techniques.
查字典图书网
