zzuf is a transparent application input fuzzer. Its purpose is to find bugs in applications by corrupting their user-contributed data, which frequently comes from untrusted sources on the Internet. It works by intercepting file and network operations and changing random bits in the program's input. zzuf's behavior is deterministic, making it easier to reproduce bugs.
|Tags||Software Development Testing Quality Assurance Security|
Release Notes: Zzuf now supports OpenSolaris, and support for OS X and BSD was greatly improved. This release also adds network host filtering and a fully programmable debugging tool.
Release Notes: This release fixes a few bugs, including a crash with library initialization functions that use realloc() before the libc is ready.
Release Notes: This release includes a randomizer with improved bit coverage and support for very low fuzzing ratios (down to one bit on a whole DVD). It also reimplements the dup and dup2 functions, as well as the glibc unlocked stdio functions found in an increasing number of applications.
Release Notes: This release allows the user to select which ports are being fuzzed in network mode. The documentation has been clarified and updated with more use cases.
Release Notes: This release adds support for CPU time limitation and file descriptor cherry-picking. Also, zzuf no longer interferes with other tools using LD_PRELOAD mechanisms.