Hello!

Ok.. so I know my way around with C, C++, Assembly on x86, Python, Perl, PHP and I'd like to get into security research. All of the above are self-taught..

I'm not very sure how exactly people discover bugs. (I'm not talking about "accidents".) Is there a "scientific" method (or "brute" method?) to find bugs in a program? Assuming the source code is relatively big.. I suppose trying to read it and discover security bugs this way is pretty.. impossible in many cases?

So I suppose you can use fuzzers.. [does anyone have a good resource for theory on this subject?]..

How else can one discover security bugs?