Full Disclosure mailing list archives
iDEFENSE Labs Releases File Format Fuzzing Tools and Announces Quarterly Award Winners
From: "iDEFENSE Labs" <labs-no-reply () idefense com>
Date: Thu, 25 Aug 2005 14:40:13 -0400
Open Source Tools ----------------- iDEFENSE Labs is officially releasing three tools designed to automate the discovery of file format vulnerabilities. FileFuzz, SPIKEfile and notSPIKEfile were originally released at Black Hat 2005 and have now been released as open source tools and are available for download from: http://labs.idefense.com FileFuzz: Authored by Michael Sutton, FileFuzz is a graphical, Windows based file format fuzzing tool. FileFuzz was designed to automate the creation of abnormal file formats and the execution of applications handling these files. FileFuzz also has built in debugging capabilities to detect exceptions resulting from the fuzzed file formats. SPIKEfile: Authored by Adam Greene, SPIKEfile is a Linux based file format fuzzing tool, based on SPIKE 2.9. It was designed to automate the launching of applications and detection of exceptions caused by fuzzed files. It uses standard SPIKE scripts to generate files and utilizes ptrace to pick up interesting signals and dump register state. notSPIKEfile: Authored by Adam Greene, notSPIKEfile is a Linux based file format fuzzing tool. It was designed to automate the launching of applications and detection of exceptions caused by fuzzed files. It operates on an existing valid file and creates fuzzed files. It utilizes ptrace to pick up interesting signals and dump register state. More information, screenshots and source code are available on the software releases page and bundled archive. Quarterly VCP Award Winners --------------------------- iDEFENSE Labs is pleased to announce the following three contributors as the award winners of the incentive program for the 1st quarter of 2005. * $3,000 1st place Tim * $2,000 2nd place fingerout * $1,000 3rd place anonymous This quarter also marks our first payment under our retention program. Retention program award winners are as follows: * $5,000 1st place syscall * $4,000 2nd place anonymous * $3,000 3rd place infamous41md () hotpop com * $2,000 3rd place Gael Delalleau * $1,000 3rd place CIRT.DK Please note that this is the final quarter that payments will be made under the original pricing scheme. Going forward, payments will reflect the improved programs announced on 07/26/2005. Congratulations. For information regarding the details of the rewards program please refer to: http://www.idefense.com/poi/teams/vcp_reward_programs.jsp Further information about iDEFENSE Labs, the Vulnerability Contributor Program and access to open source tools can be found at: http://labs.idefense.com Michael Sutton Director, iDEFENSE Labs _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- iDEFENSE Labs Releases File Format Fuzzing Tools and Announces Quarterly Award Winners iDEFENSE Labs (Aug 25)