What tool would you use to find security holes in Google Chrome [closed]
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 7 years ago.
I wish to know from SO security experts and hackers what kind of tools they would use to find a security hole in Chrome's armor, and using what programming and testing techniques.
I'm particularly interested in Open Source tools running on Linux.
Google announced on the Chrome Web Browser blog that they will pay 500$US for each security bug found. They plan to offer 1337$ for major bugs.
Thanks and happy bounty hunting!
Just my opinion:
If you are not experienced in software, you had better exploit your skills doing some normal application/web app development than trying to get money from Google. After all, two days of a freelance developer's work is about 500$.
Finding exploits is a difficult task and really requires a huge knowledge of how computers work. There are many techniques to discover exploits, but almost none of them are automatic. If it was just a matter of using a tool, Google would have done it themselves.
As for a basic tool, you can try a fuzzing tool, but I'm not really sure how it would behave with a browser.
Couple of points
- Read up about fuzzing
- Read up about Assembly language
- Obtain a fuzzer
- Obtain a reverse engineering program / debugger (OllyDbg, IDA Pro)
Sorry I can't be more help, but I don't do a lot of fuzzing myself. But the points above should help you find overflows and whatnot in Chrome, if there are any. Finding exploits like this can be very tricky. I can only imagine the testing Google would give their apps before releasing them, but good luck ;-D