Experiment: In 24 hours, AFLFast exposes 3 previously unreported CVEs that are not exposed by AFL and exposes 6 previously unreported CVEs 7x faster than AFL. AFLFast produces at least an order of magnitude more unique crashes than AFL. https://github.com/mboehme/aflfast...
Uses a new desockmulti module to feed network messages into the program under test. desockmulti is similar to desock (Preeny), a tool widely used in the community, but it is designed specifically for fuzzing and is 10x faster. Experiment: Datasets: Eclipse Mosquitto, libCoAP. Security issues were found. Compared with MOPT and AFLNET, it found more paths and crashes.
It's blazingly fast when the persistent fuzzing mode is used. A simple/empty LLVMFuzzerTestOneInput function can be tested with up to 1M iterations per second on a relatively modern CPU (e.g. i7-6700K). Has a solid track record of uncovered security bugs: the only (to the date) vuln...
Rewind provides 2 main features: the ability to trace an arbitrary function, and the ability to fuzz an arbitrary function. It also provides a basic TUI (Terminal User Interface) to report useful information regarding the fuzzing. It has been tested on Windows and Linux (only bochs backend for linux...
Keywords: coverage-based fuzzing, network protocol, publish/subscribe, multiparty-protocol fuzzer, MQTT, CoAP, IoT, Preeny, security, desock. The publish/subscribe model has gained prominence in the Internet of things (IoT) network, and both Message Queue Telemetry Transport (MQTT) and Constrained Application Protocol (CoAP) support it....
However, existing coverage-based fuzzers may miss some paths when fuzzing such publish/subscribe protocols, because they implicitly assume that there are only two parties in a protocol, which is not true now since there are three parties, i.e., the publisher, the subscriber and the broker. ...
Knowledge-based fuzzing technologies have been applied successfully in software vulnerability mining; however, current methods mainly focus on fuzzing ... X Zhu, Z Wu, JW Atwood - Journal of Computers. Cited by: 16. Published: 2011. Multi-Document Summarization Model Based on Redundancy-Constrained Kn...
Keywords: Fuzzing, Gray-box fuzzer, Simulated annealing. With the increasing amount of code and its complexity, the manual method of exploiting vulnerabilities is no longer able to meet the actual needs of vulnerability discovery. Therefore, more... doi:10.1007/978-3-030-24268-8_1. Du, Chunlai...
This is the RCR report of the artifact for the article "Fine-grained Coverage-based Fuzzing." This report contains scripts and pre-built binary programs to reproduce the results presented in the main article. The artifact is released on Zenodo with DOI: 10.5281/zenodo.7275184. We claim the ...
The fuzzing device executes the application while obtaining coverage information; interacts with the application to bring the application in the target state; and fuzzes the application from that state, using the coverage information to determine fuzzed inputs to provide to the application. The ...