Welcome to Ask A Pentester, where you can get your security questions answered by members of the IT Security community!

Best (and updated) fuzzing tools?

+2 votes

Hi everyone,

What are the best file format fuzzing tools out there?

I've checked, for example, FileFuzz, but it's a bit simple and outdated.

What do you use?

Thanks in advance!

Rey Misterio

asked 1 year ago in Tools by TheMaskedNerdo amateur (340 points)

3 Answers

+1 vote

I personally prefer to write small scripts and/or tools for my needs by myself because usually you find tools out there which come close to what you are looking for but do not exactly do what you want.

Sometimes you'll find an existing script you can modify.

Take a look at Egurra, which might be a good template for you to start from and adapt to your needs:

http://www.morenops.com/?p=673

answered 1 year ago by KMDave pro pentester (860 points)

Good, the guy from morenops.com (who can speak Basque and flawless English, wtf!) pointed out "Gray Hat Hacking" is a good way to start. I agree.

It looks like I'll have to put these coding fingers to work! ;)

Thanks a lot!

+1 vote

Another option in between is to make use of an already existing fuzzing framework. If you like Python (who doesn't!) you can check out the Sulley Framework, from the Tipping Point guys.

https://code.google.com/p/sulley/

You still have the flexibility to write something suited to your specific needs but it's not necessary to start from scratch.

answered 1 year ago by Dr. House contributor (590 points)

0 votes

PaiMei supports file fuzzing (along with code coverage!) and iSec Partners has a few file fuzzing tools (e.g. FileP and FileH) available on their website.

Microsoft also released one called MiniFuzz.

Symantec has built one called SEEAS, but it was never released to the public.

answered 1 year ago by atdre pro pentester (1,080 points)

edited 1 year ago by atdre

I totally forgot to mention zzuf
