[fuzzing] Commercial Fuzzers
Jared DeMott
demottja at msu.edu
Wed Mar 21 15:09:13 CDT 2007
J. M. Seitz wrote:
> I do know that Codenomicon allows you to do a free trial for a time, no
> offense to anyone on the list, I didn't feel that it was a great fuzzer, and
> frankly I wrote a comparable one in Python (w/Peach) in a few hours, the
> particular one that I tried was for HTTP. As well, there is a company that
> builds a fuzzing appliance but the name eludes me currently.
>
Here's an interesting article:
http://www.matasano.com/log/242/appliance-based-fuzzing-will-spirent-bite/
> The problem with these tools are they are rediculously expensive, you are
> better off hiring someone as a contract programmer to develop your own
> fuzzer that will do EXACTLY what you want, with the instrumentation you
> need. I am willing to bet that the costs will be lower (worst case the same)
> and you will be using something that does what you and your QA/security team
> need.
>
>
More information about the fuzzing
mailing list