[fuzzing] code coverage and execution graph

Jared DeMott jared.demott at harris.com
Wed Oct 14 13:28:18 UTC 2009


Sergio 'shadown' Alvarez wrote:
> On Oct 14, 2009, at 3:12 PM, Jared DeMott wrote:
>
>   
>> Sergio 'shadown' Alvarez wrote:
>>     
>>> Hi Jared,
>>>
>>> For call-graph based on source code check out http://www.scitools.com/products/understand/
>>>
>>> For the rest you should give a try to visi's vtrace/vdb http://www.kenshoto.com/vtrace/releases/
>>>
>>>       
>> Ben was saying that http://dynamorio.org/ is the way to go
>>     
>
> What Ben said is very true; both DynamoRIO and PIN (http://www.pintool.org)
> are really powerful.
>
> For quick dynamic instrumentation, IMHO vtrace is the best thing out
> there; the only problem is that there is no shared/centralized repository to
> contribute to.
>
> If you are looking for something powerful enough to do pretty much  
> whatever you want, DynamoRIO and PIN are the way to go, with the  
> downside of the speed in the development.
>
> As you've mentioned pydbg, I thought you were looking for something  
> python based.
> I took that approach: I've over-developed vtrace a lot and also added
> kernel debugging to it; that way I have a multi-platform and multi-arch
> framework to work with. I code a script only once and use it all
> over the place.
>
>   
So for pydbg you have to use IDA and get a PIDA dump to set breakpoints
on functions or basic blocks.  How does vtrace work?  Can it work on
Windows without a PIDA file, for example?
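The bookkeeping that sits behind the "breakpoint on every basic block" approach discussed in this thread, as an added example that is not code from the thread, from pydbg or from vtrace: given the block addresses a PIDA-style dump would list and the sequence of block entries a debugger breakpoint callback reports per test case, it accumulates block coverage, builds the execution graph as block-to-block edges, flags the inputs that added coverage, and emits the graph as Graphviz DOT. The block list, the addresses and the three traces are constructed inline so it runs offline; in a real harness the `record()` call would be fed from the debugger's breakpoint handler.

```python
"""
Basic-block coverage and execution-graph bookkeeping for a fuzzing harness.

Added example, not code from the thread, pydbg or vtrace.  It assumes that a
debugger breakpoint callback (pydbg/vtrace style) reports each basic-block
entry address; the block list and traces below are constructed so the
script runs offline.
"""
from collections import defaultdict

# Constructed: basic-block start addresses as a PIDA-style dump would list
# them for one function (hypothetical addresses).
KNOWN_BLOCKS = {0x401000, 0x401010, 0x401020, 0x401030, 0x401040, 0x401050}

# Constructed traces: sequence of block entries observed for three inputs.
TRACES = {
    b"AAAA": [0x401000, 0x401010, 0x401050],
    b"BBBB": [0x401000, 0x401010, 0x401020, 0x401050],
    b"CCCC": [0x401000, 0x401010, 0x401050],  # adds no new blocks or edges
}


class CoverageTracker:
    """Accumulates block and edge coverage across test cases."""

    def __init__(self, known_blocks):
        self.known_blocks = set(known_blocks)
        self.hit_blocks = set()
        self.edges = defaultdict(int)  # (src, dst) -> number of times taken
        self.interesting = []          # inputs that added blocks or edges

    def record(self, test_input, trace):
        """Feed one execution trace; return (new_blocks, new_edges)."""
        unknown = [a for a in trace if a not in self.known_blocks]
        if unknown:
            # A block the static dump does not know about means the dump and
            # the binary are out of sync (or the breakpoint list is wrong).
            raise ValueError("trace hit blocks not in the block list: %s"
                             % [hex(a) for a in unknown])
        new_blocks = set(trace) - self.hit_blocks
        self.hit_blocks |= new_blocks
        new_edges = set()
        # Consecutive block entries are the edges of the execution graph.
        for src, dst in zip(trace, trace[1:]):
            if self.edges[(src, dst)] == 0:
                new_edges.add((src, dst))
            self.edges[(src, dst)] += 1
        if new_blocks or new_edges:
            self.interesting.append(test_input)
        return new_blocks, new_edges

    def block_coverage(self):
        """Fraction of known blocks reached so far."""
        return len(self.hit_blocks) / len(self.known_blocks)

    def unreached(self):
        """Known blocks no input has reached yet, sorted by address."""
        return sorted(self.known_blocks - self.hit_blocks)

    def graph_dot(self):
        """Render the execution graph in Graphviz DOT, edges labelled by count."""
        lines = ["digraph exec {"]
        for (src, dst), n in sorted(self.edges.items()):
            lines.append('  "%#x" -> "%#x" [label="%d"];' % (src, dst, n))
        lines.append("}")
        return "\n".join(lines)


def run_corpus(traces=TRACES, known_blocks=KNOWN_BLOCKS):
    """Replay every constructed trace through one tracker and return it."""
    tracker = CoverageTracker(known_blocks)
    for test_input, trace in traces.items():
        tracker.record(test_input, trace)
    return tracker


if __name__ == "__main__":
    t = run_corpus()
    print("block coverage: %.0f%%" % (100 * t.block_coverage()))
    print("unreached:", [hex(a) for a in t.unreached()])
    print("inputs worth keeping:", t.interesting)
    print(t.graph_dot())
```

Edge coverage is what makes the third input uninteresting: it reaches no new block and takes no new block-to-block transition, so a harness keeping only `tracker.interesting` as its corpus would drop it, while the `unreached()` list tells you which blocks still need an input.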