[fuzzing] code coverage and execution graph
Sergio 'shadown' Alvarez
shadown at gmail.com
Wed Oct 14 13:23:52 UTC 2009
On Oct 14, 2009, at 3:12 PM, Jared DeMott wrote:
> Sergio 'shadown' Alvarez wrote:
>>
>> Hi Jared,
>>
>> For call-graph based on source code check out http://www.scitools.com/products/understand/
>>
>> For the rest you should give a try to visi's vtrace/vdb http://www.kenshoto.com/vtrace/releases/
>>
> Ben was saying that http://dynamorio.org/ is the way to go
What Ben said is very true: both DynamoRIO and PIN
(http://www.pintool.org) are really powerful.
For quick dynamic instrumentation, IMHO vtrace is the best thing out
there; the only problem is that there is no shared/centralized
repository to contribute to.
If you are looking for something powerful enough to do pretty much
whatever you want, DynamoRIO and PIN are the way to go, with the
downside of the speed of development.
As you've mentioned pydbg, I thought you were looking for something
Python based.
I took that approach: I've over-developed vtrace a lot, and also added
kernel debugging to it, so that I have a multi-platform and
multi-arch framework to work with. I code a script only once and use it
all over the place.
Cheers,
Sergio
>> Cheers,
>> Sergio
>>
>> On Oct 13, 2009, at 10:56 PM, Jared DeMott wrote:
>>
>>
>>> What are the best tools out there for projects for which you have
>>> source code to create a call graph? How about instrumenting binaries
>>> without source code? Is pydbg still the king in closed source code
>>> coverage on Windows? How about on other systems?
>>>
>>> --
>>> __________________________________________
>>> Jared D. DeMott
>>> Principal Security Researcher
>>> Crucial Security Programs
>>> Harris Corporation
>>> http://crucialsecurity.com
>>> Office 616.874.7810
>>> Mobile 616.240.7578
>>> _______________________________________________
>>> fuzzing mailing list
>>> fuzzing at whitestar.linuxbox.org
>>> http://www.whitestar.linuxbox.org/mailman/listinfo/fuzzing
>>>
>>
>>
>
>
> --
> __________________________________________
> Jared D. DeMott
> Principal Security Researcher
> Crucial Security Business Area
> Harris Corporation
> http://crucialsecurity.com
> Office 616.874.7810
> Mobile 616.240.7578
--
Sergio 'shadown' Alvarez
Security Researcher
===============================
email: shadown at gmail.com
gpg : F140 A2E4 1675 BDB6 9FE4
F53A 7969 7104 75CD B86E