Nytro
Posted March 16, 2016

honggfuzz

Description

- A general-purpose, easy-to-use fuzzer with interesting analysis options. See USAGE for more details
- Supports hardware-based feedback-driven fuzzing (requires Linux and a supported CPU model), also for closed-source binaries
- It works, at least, under GNU/Linux, FreeBSD, Mac OSX and Android
- Can fuzz long-lasting processes (e.g. network servers like Apache's httpd and ISC's bind)
- It's been used to find a few interesting security problems in major software; examples:
  - FreeType 2 project: CVE-2010-2497, CVE-2010-2498, CVE-2010-2499, CVE-2010-2500, CVE-2010-2519, CVE-2010-2520, CVE-2010-2527
  - Multiple bugs in the libtiff library
  - Multiple bugs in the librsvg library
  - Multiple bugs in the poppler library
  - Multiple exploitable bugs in IDA-Pro
  - ... and more

Link: https://github.com/google/honggfuzz