Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Usual Targets for Browser fuzzing<br />
R<strong>EN</strong>DERING <strong>EN</strong>GINE is the most complex module of browser<br />
architecture: displays HTML ,XML, SVG, MATHML, VML documents<br />
and images.<br />
It can display other types of data via plug-ins or extensions<br />
(PDF, Media file, fonts, etc)<br />
• It is its responsibility to parse HTML, apply CSS and build an<br />
internal tree model of the web page called “DOM”<br />
• Every logical operation performed on the web tree is<br />
executed on the DOM before rendering is done<br />
Weapons of choice to effectively fuzz rendering engine are:<br />
1. Fuzzing file formats<br />
2. Fuzzing DOM