November 24th, 2014

The great fuzz frenzy

Fuzzing is hot these days. I just ran across a neat idea/tool called FuzzMan recently (posted to full-disclosure I think). It takes a man page as input, and will fuzz input parameters based on what options it can parse from the man-page. The examples page shows the tool eliciting several segfaults in a known vulnerable version of sharutils.

There is an article in the latest hackin9 magazine (the print version anyway) about fuzzing, which covers several different fuzzing tools as applied to their relevant layers. You should check out the hackin9 magazine if you haven’t already. It’s a pretty good read, and is much more technical than other security/hacking print publications. It is a little spendy though (probably partially because it’s translated and imported), but I think it’s worth it. This issue they started a hacking challenge which is included (among other things) on a CD.

Yea for google images.

Leave a Response

Imhotep theme designed by Chris Lin. Proudly powered by Wordpress.
XHTML | CSS | RSS | Comments RSS