(tool announcement) bunny the fuzzer

Hi all,

Just a quick note - I would like to announce the availability of our general-purpose closed loop protocol-blind fuzzer for open source C code:

  http://code.google.com/p/bunny-the-fuzzer/

Bunny uses automatically generated C-level instrumentation to focus on runtime inputs observed to trigger new control flow paths or interesting parameter variations - and to bail out early on dead-end fuzzing routes.

This notably improves flow path coverage and overall quality of the fuzzing process.

The tool is designed to maintain a near-native execution speed, and requires virtually no setup, even when dealing with complex and large codebases. This is probably a major improvement over previous closed loop solutions.

The software should be reasonably stable, though some bugs might still need to be ironed out. Current documentation is available here:

  http://code.google.com/p/bunny-the-fuzzer/wiki/BunnyDoc

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Cheers,
/mz Received on Wed Oct 31 16:50:01 2007