Slashdot Mirror

← Back to Stories (view on slashdot.org)

CERT Releases Basic Fuzzing Framework

Posted by timothy on from the this-field-cannot-be-left-blank dept.

infoLaw passes along this excerpt from Threatpost: "Carnegie Mellon University's Computer Emergency Response Team has released a new fuzzing framework to help identify and eliminate security vulnerabilities from software products. The Basic Fuzzing Framework (BFF) is described as a simplified version of automated dumb fuzzing. It includes a Linux virtual machine that has been optimized for fuzz testing and a set of scripts to implement a software test."

1 of 51 comments (clear)

  1. axfuzz by shird · · Score: 5, Interesting

    in their whitepaper they referenced my 'axfuzz' tool I wrote years ago and even used a modified version of it in their testing. Hope they didn't judge me on that code, it was a pile of crap that I kept hacking together until it finally worked, with no thought to proper software design.

    --
    I.O.U One Sig.