Penetration Testing mailing list archives

RE: Looking for a fuzzer/source code analyzer on customer developed code

From: Gadi Evron <ge () linuxbox org>
Date: Tue, 18 Mar 2008 14:49:54 -0500 (CDT)

On Tue, 18 Mar 2008, Joxean Koret wrote:

There are many fuzzers but the most powerfull are
SPIKE and Sulley. Both of them are Open Source but
SPIKE is quite old (as the latest version is only
distributed to paying customers).


If you are looking for open source, there are two routes to go.

1. Specific fuzzer: built from the engine up to fuzz one service orprotocol.

2. Frame-work (my preference is Peach)

A google search should be good enough, e.g. SMTP fuzzer or SMTP fuzzing.
Really.

If you want something specific and still didn't find it, try asking on thefuzzing mailing list:

http://www.whitestar.linuxbox.org/mailman/listinfo/fuzzing

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Current thread:

Looking for a fuzzer/source code analyzer on customer developed code sudhakar (Mar 18)
- Re: Looking for a fuzzer/source code analyzer on customer developed code Marco Crotta (Mar 18)
- Re: Looking for a fuzzer/source code analyzer on customer developed code Zed Qyves (Mar 18)
- RE: Looking for a fuzzer/source code analyzer on customer developed code Joxean Koret (Mar 18)
  - RE: Looking for a fuzzer/source code analyzer on customer developed code Gadi Evron (Mar 18)