It is well known that the categories Fuzz of Fuzzes and TopFuzz of topological Fuzzes are both complete and cocomplete, and some categorical properties of them were introduced by many authors. In this paper, we introduce the structure of equalizers in these categories. In particular, we show that every regular monomorphism is an injective map, but monomorphisms need not be injective, in general.

Fuzzing software is a method for finding security vulnerabilities in applications. In this method, by sending random data to the program, attempts are made to find cases that lead to undesirable behaviors and errors such as memory corruption or unauthorized access. One of the proposed methods for improving and enhancing Fuzzing is the use of symbolic analysis and dynamic-symbolic execution. In this method, in addition to generating random data, logical analysis of the program and its symbolic execution are used to generate data that can cover new paths in program execution. In this research, we have shown that the dynamic-symbolic execution method can be used for Fuzzing network protocols and also improve this process. For this purpose, the first framework for hybrid Fuzzing of network protocols has been designed and implemented. The results on two services dcmtk and dnsmasq show that hybrid Fuzzing performs better in terms of code coverage compared to traditional Fuzzing. Branch coverage in the dcmtk service improved by 2.71 percent compared to AFLNet, which was able to make the negative performance of NyxNet compared to AFLNet positive. Also, branch coverage in the dnsmasq service improved by 37.72 percent compared to AFLNet and by 11.82 percent compared to NyxNet.

In this paper, a gray box Fuzzer is presented to detect vulnerabilities in executable binary code. The literature surveys show that Fuzz testing has three major problems. At first, the input space provided by the Fuzzers to coverage execution paths in a binary program, can be very large. Secondly, most Fuzzers can not support sufficient coverage of execution paths because of large input space. Finally, a large number of possible vulnerabilities can not reveal within an unseen execution path because of this unsufficient coverage. The proposed method, resolves the problem of large input space, in an evolutionary process, by conducting the test data generation towards suspicious paths in which one or more vulnerability patterns are observed. In the presented method, when a vulnerablility pattern is observed in an execution path by a test data, the next test data is generated revealing the vulnerablity. As a result, the number of detected vulnerabilities can increase. Our evaluations show better performance of presented method compared to other Fuzz testing methods.

Purpose: To assess the quality of the national archives websites with WebQEM and Fuzz-web methods and design a system using a Fuzzy inference.Methodology: Applied research employing survey.65 national archives websites were evaluated using a checklist produced according to WebQEM method and weighted for the study population, as well as online tools of Fuzz-web method. Based on data collected by Fuzz-web method, a Fuzzy inference system was designed in Matlab software.Results: The average score for national archives websites was 0.51 using WebQEM and 0.505 using Fuzz-web. There was no significant difference between results derived from WebQEM and Fuzz-web evaluation methods.Conclusion: Usability and performance were the highest deficiencies of the websites, which is an alarm for web designers. Using Fuzzy inference system, websites can be evaluated regularly.

Fuzzers can reveal vulnerabilities in the software by generating test input data and feeding inputs to software under test. The approach of grammar-based Fuzzers is to search in the domain of test data which can be generated by grammar in order to find an attack vector with the ability to exploit the vulnerability. The challenge of Fuzzers is a very large or infinite search domain and finding the answer in this domain is a hard problem. Grammatical Evolution(GE) is one of the evolutionary algorithms that can utilize grammar to solve the search problem. In this research, a new approach for generation of Fuzz test input data by using grammatical evolution is introduced to exploit the cross-site scripting vulnerabilities. For this purpose, a grammar for generating of XSS attack vectors is presented and a fitness calculation function is proposed to guide the GE in search for exploitation. This method has realized the automatic exploitation of vulnerability with black-box approach. In the results of this research, 19% improvement achieved in the number of vulnerabilities discovered compared to the white-box method of NAVEX and black-box ZAP tool, and without any false positives.

In this paper, we present the notion of weakly compact topo-logical Fuzzes and give some characterizations of them. In particular, a characterization of weakly compactness are given by the closedness of the projection Fuzz maps. Also, we study some properties of proper Fuzz maps as an important class of closed Fuzz maps.

Fuzzing is a dynamic software testing technique. In this technique with repeated generation and injection of malformed test data to the software under test (SUT), we are looking for the possible errors and vulnerabilities. Files are significant inputs to most real-world applications. Many of test data which are generated for Fuzzing such programs are rejected by the parser because they are not in the acceptable format and this results in a low code coverage in the process of Fuzz testing. Using the grammatical structure of input files to generate test data leads to increase code coverage. However, often, the grammar extraction is performed manually, which is a time consuming, costly and error-prone task. In this paper, a new method, based on deep neural language models (NLMs), is proposed for automatically learning the file structure and then generating and Fuzzing test data. Our experiments demonstrate that the data produced by this method leads to an increase in the code coverage compared to previous test data generation methods. For MuPDF software, which accepts the PDF complex file format as an input, we have more than 1. 30 to 12 improvement in percent code coverage than both the intelligence and random methods.

The present study is the result of a content analysis on the book“,testing English Language Skills, From Theory to Practice”,written by Farhady, Jafarpour, and Birjandi. This book is one of the most widely-used textbooks selected by language instructors for the testing courses of TEFL, Translation, and English literature majors. Using McDonough, Shaw, and Masuhara’, s (2013) textbook evaluation framework, the authors carried out both internal and external evaluations of the claims made by the authors in the preface of the book. The claims included: using lucid language, comprehensive coverage, a desirable organization of the materials presented and a direct relevance to the Iran’, s context. Furthermore, the textbook was also analyzed based on its physical appearance, content, and methodology. The strengths and weaknesses in each domain were categorized and presented. At the end, some recommendations have been made to the authors, in case of any future editions of the textbook by the authors.

Introduction: Cytology testing has been successful in reducing the incidence of cervical cancer and mortality. Molecular testing like HPV typing and Aptima test can improve screening effectiveness. We compared the diagnostic value of cytology testing, High-risk (HR) HPV DNA typing, and APTIMA tests based on the results of the cervical biopsy in the diagnosis of cervical cancer and neoplasia in patients referred to Imam Khomeini Hospital. Methods: One hundred fifty women between 21 and 56 years old who referred to having clinical symptoms or conducting screening tests enrolled in the study. Sensitivity, specificity, positive and negative predictive values, and accuracy for cervical involvement were calculated for cytology, High-risk HPV testing, and APTIMA tests separately. Results: The most abundant genotype found was HPV 16. cytology testing had a sensitivity of 59% for CIN 2+ and a specificity of 61% for CIN 2+. For CIN I, the sensitivity and specificity of cytology testing were higher (63% and 71%, respectively). High-risk HPV typing had the highest sensitivity (76%) for CIN 2+, but its specificity was low (66%). Its sensitivity was 51% for CIN I with a specificity of 74%. APTIMA tests had a sensitivity of 53. 7% and a specificity of 87. 5% for CIN2 +, which was less sensitive to High-risk HPV typing but was more specific. The APTIMA test sensitivity for CIN I was very low (22. 2%), but its specificity was high (87. 5%). Conclusion: High-risk HPV typing showed the highest sensitivity (75. 9%) and APTIMA tests had the highest specificity (87. 5%) in predicting CIN 2+.