Penetration Testing mailing list archives
RE: Looking for a fuzzer/source code analyzer on customer developed code
From: Gadi Evron <ge () linuxbox org>
Date: Tue, 18 Mar 2008 14:49:54 -0500 (CDT)
On Tue, 18 Mar 2008, Joxean Koret wrote:
There are many fuzzers but the most powerfull are SPIKE and Sulley. Both of them are Open Source but SPIKE is quite old (as the latest version is only distributed to paying customers).
If you are looking for open source, there are two routes to go.1. Specific fuzzer: built from the engine up to fuzz one service or protocol.
2. Frame-work (my preference is Peach) A google search should be good enough, e.g. SMTP fuzzer or SMTP fuzzing. Really.If you want something specific and still didn't find it, try asking on the fuzzing mailing list:
http://www.whitestar.linuxbox.org/mailman/listinfo/fuzzing ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- Looking for a fuzzer/source code analyzer on customer developed code sudhakar (Mar 18)
- Re: Looking for a fuzzer/source code analyzer on customer developed code Marco Crotta (Mar 18)
- Re: Looking for a fuzzer/source code analyzer on customer developed code Zed Qyves (Mar 18)
- RE: Looking for a fuzzer/source code analyzer on customer developed code Joxean Koret (Mar 18)
- RE: Looking for a fuzzer/source code analyzer on customer developed code Gadi Evron (Mar 18)