image
The idea is to be the Network Protocol Fuzzer that we will want to use. The aim of this tool is to assist during the whole process of fuzzing a network protocol, allowing to define the communications, helping to identify the "suspects" of crashing a service, and much more Last Changes [16/12/2019] Data Generation modules fully recoded (Primitives, Blocks, Requests) Improved Strings fuzzing libraries, allowing also for custom lists, files and callback commands Variable data type, which takes a variable set by the session, the user or a Response Session fully recoded. Now it is based on TestCase s, which contains all the information needed to perform the request, check the response, store data such as errors received, etc. Responses added. Now you can define responses with s_response(), This allows to check the response from the server, set variables and even perform additional tests on the response to check if something is wrong Monitors now automatically mark TestCases as suspect if they fail Added the IPP (Internet Printing Protocol) Fuzzer that we used to find several vulnerabilities in different printer brands during our printers research project ( https://www.youtube.com/watch?v=3X-ZnlyGuWc&t=7s ) Features Based on Sulley Fuzzer for data generation [ https://github.com/OpenRCE/sulley ] Actually, forked BooFuzz (which is a fork of Sulley) [ https://github.com/jtpereyda/boofuzz ] Python3 Not random (finite number of…

Source