RE: Looking for a fuzzer/source code analyzer on customer developed code
- From: Gadi Evron <ge@xxxxxxxxxxxx>
- Date: Tue, 18 Mar 2008 14:49:54 -0500 (CDT)
On Tue, 18 Mar 2008, Joxean Koret wrote:
There are many fuzzers but the most powerfull are
SPIKE and Sulley. Both of them are Open Source but
SPIKE is quite old (as the latest version is only
distributed to paying customers).
If you are looking for open source, there are two routes to go.
1. Specific fuzzer: built from the engine up to fuzz one service or protocol.
2. Frame-work (my preference is Peach)
A google search should be good enough, e.g. SMTP fuzzer or SMTP fuzzing.
Really.
If you want something specific and still didn't find it, try asking on the fuzzing mailing list:
http://www.whitestar.linuxbox.org/mailman/listinfo/fuzzing
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
- References:
- RE: Looking for a fuzzer/source code analyzer on customer developed code
- From: Joxean Koret
- RE: Looking for a fuzzer/source code analyzer on customer developed code
- Prev by Date: Re: anonymous Zonetransfer (AXFR) exploatation
- Next by Date: Re: Pentesting tools for Linux IP Tables
- Previous by thread: RE: Looking for a fuzzer/source code analyzer on customer developed code
- Next by thread: Session Hijacking over HTTP
- Index(es):
