Recherche : [fuzzing]

GitHub - ffuf/ffuf: Fast web fuzzer written in Go

eh · fuzzing

January 24, 2025 12:38:52 AM GMT+01:00 * · permalien

·

https://github.com/ffuf/ffuf

Tweet de :verified: domenuk (@dmnk), à 20 déc. 19:45

To debug a fuzzer (or anything really), I use this magical strace command:

strace -tt -yy -y -f -e trace=open,read,write,pipe,socket,dup2,clone,close -s 10000 -o /tmp/strace.log ./tool

-tt enables microseconds
-yy prints additional information about each file descriptor (like, files, sockets, etc.)
-f follows forks (get all info about subprocesses, threads, etc.)
-e trace= traces only specific syscalls we are interested in
-s increases the max size of logged strings
-o writes everything to /tmp/strace.log

Then, I can look at the log in vim or vscode, both with syntax hightlighting ( in vim, you may need to :set filetype=strace )

As additional weapon, I add -k which can dump a stacktrace at every syscall. Super slow, but super useful.

#fuzzing #fuzzingTips #debugging

debug · fuzzing · linux

December 21, 2022 09:35:53 AM GMT+01:00 * · permalien

·

https://infosec.exchange/@dmnk/109547133796948731

Cisco's Talos Intelligence Group Blog: The Mutiny Fuzzing Framework and Decept Proxy

The Mutiny Fuzzing Framework is a network fuzzer that operates by replaying network traffic through a mutational fuzzer. The goal is to begin network fuzzing as quickly as possible, at the expense of being thorough.

fuzzing · network

December 8, 2017 03:42:58 PM GMT+01:00 * · permalien

·

http://blog.talosintelligence.com/2017/12/mutiny-decept.html

Honggfuzz by google

fuzzing

November 19, 2016 10:36:36 AM GMT+01:00 * · permalien

·

https://google.github.io/honggfuzz/

Python for SecOps: recherche de vulnérabilités dans les implémentations d'un protocole

https://www.pycon.fr/2016/pages/programme.html#Python for SecOps: recherche de vulnérabilités dans les implémentations d'un protocole
Cette présentation s'attachera à illustrer l'emploi de bibliothèques Python dédiées à la rétro-conception de protocoles tels que Netzob et Pylstar. Il sera notamment présenté comment les utiliser pour 1) extraire la machine à états d'une implémentation en boite noire et 2) comparer les machines à états de plusieurs implémentations d'un même protocole pour rechercher des vulnérabilités. Le protocole HTTP2 servira d'exemple.

python · fuzzing · network

November 18, 2016 01:28:01 PM GMT+01:00 * · permalien

·

https://www.pycon.fr/2016/videos/python-for-secops-recherche-de-vulnerabilites-dans-les-implementations-dun-protocole.html

american fuzzy lop

instrumentation-driven fuzzer for binary formats

American fuzzy lop is a security-oriented fuzzer that employs a novel type of compile-time instrumentation and genetic algorithms to automatically discover clean, interesting test cases that trigger new internal states in the targeted binary.

https://linuxfr.org/users/woffer/journaux/fuzzing-eprouver-les-entrees-de-vos-developpements

fuzzing

January 10, 2015 11:38:56 AM GMT+01:00 * · permalien

·

http://lcamtuf.coredump.cx/afl/