Questions tagged [fuzzing]

Fuzzing is a testing technique that consists of feeding malformed or unexpected data to a program as input in order to uncover vulnerabilities in how it handles that data.

100 questions
4 votes, 1 answer

General techniques for identifying an unknown service

I have a specific sample I'd like feedback on, but my view is an answer about general techniques is more valuable for this site. I'll leave the details in, in case anyone googling this bumped into the same service. My questions: What are general…
J.A.K.
4 votes, 1 answer

Sulley - only using ASCII printable characters

I have a problem fuzzing the FTP protocol. An example of a fuzzed command is the following data model, which should fuzz the "CWD [string]" command of the FTP protocol. s_initialize('CWD') s_static('CWD') s_delim('…
eleanor
4 votes, 3 answers

I want to start learning to fuzz Windows applications; where should I start?

I got my B.Sc. in computer science and I am familiar with basic assembly language. I want to start learning about how to find vulnerabilities in Windows applications, e.g. buffer overflows, use-after-free, etc. I am looking for a path, i.e.,…
Moe
3 votes, 5 answers

Why do companies not simply use hackers' tools to find their own vulnerabilities prior to the release of their software?

It may be a silly question, but hackers do use publicly-available tools to find vulnerabilities. So why don't companies, before releasing their products (Windows, Adobe, etc.), use the same tools to find those vulnerabilities and fix them? I don't…
Nick
3 votes, 2 answers

Software suggestions on building a "passive" and "active" WAN simulation and fuzzing device?

I want to build a more-or-less self-contained box that I can plug two or more endpoints into (routers, mainly) that will simulate a WAN. I want to be able to mess up traffic in all sorts of ways, both "passive" (for example, natural network problems…
mjbraun
3 votes, 3 answers

How can the NSA see everything without us noticing?

Here's one thing that keeps bugging me ever since I heard about the NSA revelations. From what I heard, the NSA built a system that basically sees most of the internet, made of many subsystems which affect the networks. Judging by the leaked documents,…
d33tah
3 votes, 1 answer

Test suite for a white-box fuzzer

I have created a white-box fuzzer by extending Crest. Now I'm looking for a test suite (a set of C programs with known vulnerabilities) to test the functionality of my tool. Where can I find such benchmarks?
3 votes, 1 answer

Best option to fuzz a C Network Program

I have a simple client/server program in C. I want to test the server running on a different machine with random inputs. I have looked at 'Bunny-the-fuzzer' but from what I can understand it won't be much help when the target program/application is on…
David Deej
3 votes, 1 answer

Fuzzing tool to find heap overflows in a Windows binary

Is there a fuzzing tool that can scan some arbitrary Windows binary and identify a set of heap overflow vulnerabilities? For example, a tool that applies a set of heuristics or maybe a list of known heap overflow vulnerabilities to find these, and…
T. Webster
3 votes, 1 answer

Fuzzing a MIPS interactive binary

I need to fuzz an interactive binary (for which I do not have the source code) compiled for a MIPS architecture. It is a login console and I'd like to fuzz the interactive text provided by the user (i.e., the console asks for a username, the user…
sowdust
3 votes, 1 answer

Fuzzing authenticated part of web application

I have a web application I am wanting to fuzz. It consists of a lot of REST webservice gets/puts. I have been considering using Sulley Fuzzing Framework or its successor boofuzz. Since the jsessionid and/or other authentication cookies change for…
dnraikes
3 votes, 1 answer

How can I fuzz standalone applications?

How can I fuzz standalone applications? I can't seem to wrap my head around how a fuzzer can "feed" fuzz data to a standalone application. Most online resources use web servers as examples. The other resources give examples like opening a…
han
3 votes, 1 answer

Sulley - Logic behind primitives

Are Sulley's primitives used to build a description of the protocol or to specify what kind of data we want to generate? Let's take for instance the following primitive: s_string("ok", encoding="ascii"). In the first case, it would mean the protocol…
Othman
3 votes, 1 answer

Can fuzzing be considered a software testing technique for any vulnerability type?

I'm doing research on fuzzing and I would like to know the answer to the question in the title. cvedetails uses the following categories for vulnerabilities: Bypass a restriction or similar, Cross Site Scripting, Denial of service, …
2 votes, 1 answer

Best way to do security testing for a server behind nginx proxy

I'm trying to do some security testing for my server (not a web server), which is sitting behind an nginx proxy. To start with, I've done some fuzz testing using Sulley. As expected, most of the fuzzed requests were handled by nginx. I also tried…
pragmatic