Dailydave mailing list archives

Re: School project start: a fuzzer

From: Jon Oberheide <jon () oberheide org>
Date: Fri, 08 May 2009 15:57:05 -0400

Flayer from Will and Tavis did a bit along those lines:

http://code.google.com/p/flayer/
http://www.usenix.org/event/woot07/tech/full_papers/drewry/drewry_html/

Regards,
Jon Oberheide

On Fri, 2009-05-08 at 11:46 -0300, Agustin Gianni wrote:

Just an idea, try mixing up an aplication like valgrind and a fuzzer.
That should
be an interesting thing to do. 

Just a thought.

http://agustingianni.googlepages.com/ffuzer.tar.bz2

That is an old version of my file fuzzer. It may help you.

On Fri, May 8, 2009 at 6:11 AM, Martin Zember
<martin.zember () matfyz cz> wrote:
        Hi community,
        
        could you please give me some advice about a school project?
        It is an
        obligatory team project.
        
        We plan to create a fuzzer. I hope it makes sense to build
        another fuzzer,
        since different fuzzers find different bugs, right..? ;-)
        
        We have a lot of time (9 months, 5 people, 1day per week), but
        not more, so it
        is not a good ground for research. The project should be
        implemented,
        documented, finished, presented. The question is, how deep can
        we go (what to
        promise in the specification)? My guess is that detecting
        success during
        fuzzing only when application crashes is too lame. "Feedback
        fuzzing" is maybe
        too complicated. What is realistic?
        
        Even though it would be nice, we did not find a paid project,
        which is
        interesting enough. We are not obliged to do a fuzzer so other
        suggestions or
        warnings are welcome.
        
        Martin
        _______________________________________________
        Dailydave mailing list
        Dailydave () lists immunitysec com
        http://lists.immunitysec.com/mailman/listinfo/dailydave

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

-- 
Jon Oberheide <jon () oberheide org>
GnuPG Key: 1024D/F47C17FE
Fingerprint: B716 DA66 8173 6EDD 28F6  F184 5842 1C89 F47C 17FE

Attachment: signature.asc
Description: This is a digitally signed message part

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

Current thread:

School project start: a fuzzer Martin Zember (May 08)
- Re: School project start: a fuzzer Jared DeMott (May 08)
- Re: School project start: a fuzzer Agustin Gianni (May 08)
  - Re: School project start: a fuzzer Jon Oberheide (May 08)
- Re: School project start: a fuzzer Arun Koshy (May 08)
- Re: School project start: a fuzzer nnp (May 08)
- Re: School project start: a fuzzer Adrien Krunch Kunysz (May 08)