[fuzzing] code coverage and execution graph

Sergio 'shadown' Alvarez shadown at gmail.com
Wed Oct 14 13:55:24 UTC 2009


gera uses pydasm and follows the jxx and calls to do the disassembly;  
basically you load the .exe instead of the .pida file.

On Oct 14, 2009, at 3:45 PM, Charles Miller wrote:

> Does this actually work?  I've never used his module, but I tried  
> writing my own CPU aided basic block coverage tool a few years ago  
> and wasn't happy with the performance (I'm assuming this is what  
> gera's module does).  Then again, I'm a sucky developer.
>
> Charlie
>
>>
>> Actually with pydbg you can use the branch gera did :), and you  
>> don't need IDA.
>> In vtrace you have symbols access for the imports and exports. For  
>> the not exported internal functions and basic blocks you can use  
>> gera's module also. You can also use a pida file to do the same  
>> thing you do with pydbg, except that with vtrace you can target  
>> more platforms. :)

-- 
Sergio 'shadown' Alvarez
Security Researcher
===============================
email: shadown at gmail.com
gpg  : F140 A2E4 1675 BDB6 9FE4
        F53A 7969 7104 75CD B86E
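Added illustration (not part of the thread, and not gera's module or pydasm code): the "follow the jxx and calls" approach Sergio describes, written as a small recursive-descent disassembler over a constructed x86 opcode subset (relative jmp/jcc/call and ret; every other byte is treated as a one-byte straight-line instruction, which is a simplification). It carves basic blocks from the discovered instructions, builds the block-to-block edge graph, and then scores block coverage against a constructed address trace of the kind a debugger would collect with breakpoints on block leaders. The sample bytes, the trace, and all function names are assumptions made for this example.

```python
# Added example: recursive-descent basic-block discovery over a tiny x86
# subset, plus block coverage scoring. Not gera's module; the opcode
# subset, sample bytes and trace are constructed for illustration.
from collections import defaultdict


def decode(code, pc):
    """Decode the instruction at pc. Returns (length, kind, target).
    Only relative branches, call and ret are decoded; any other byte is
    treated as a 1-byte non-branching instruction (a simplification)."""
    op = code[pc]
    if op == 0xC3:                                   # ret
        return 1, "ret", None
    if op == 0xEB:                                   # jmp rel8
        rel = int.from_bytes(code[pc + 1:pc + 2], "little", signed=True)
        return 2, "jmp", pc + 2 + rel
    if 0x70 <= op <= 0x7F:                           # jcc rel8
        rel = int.from_bytes(code[pc + 1:pc + 2], "little", signed=True)
        return 2, "jcc", pc + 2 + rel
    if op == 0xE9:                                   # jmp rel32
        rel = int.from_bytes(code[pc + 1:pc + 5], "little", signed=True)
        return 5, "jmp", pc + 5 + rel
    if op == 0xE8:                                   # call rel32
        rel = int.from_bytes(code[pc + 1:pc + 5], "little", signed=True)
        return 5, "call", pc + 5 + rel
    if op == 0x0F and pc + 1 < len(code) and 0x80 <= code[pc + 1] <= 0x8F:
        rel = int.from_bytes(code[pc + 2:pc + 6], "little", signed=True)
        return 6, "jcc", pc + 6 + rel                # jcc rel32
    return 1, "seq", None


def find_basic_blocks(code, entry=0):
    """Recursive descent from entry, following jmp/jcc/call targets and
    jcc/call fall-throughs. Returns (blocks, edges): blocks maps a block
    start to its instruction addresses, edges maps a block start to the
    set of successor block starts. Bytes never reached stay undecoded."""
    insns = {}                    # pc -> (length, kind, target)
    leaders = {entry}             # addresses that begin a basic block
    work = [entry]
    while work:
        pc = work.pop()
        while 0 <= pc < len(code) and pc not in insns:
            length, kind, target = decode(code, pc)
            insns[pc] = (length, kind, target)
            nxt = pc + length
            if kind == "ret":
                break
            if kind in ("jmp", "jcc", "call"):
                leaders.add(target)
                work.append(target)
                if kind != "jmp":         # jcc fall-through / call return
                    leaders.add(nxt)
                    work.append(nxt)
                break
            pc = nxt                      # straight-line code: keep going
    blocks, edges, cur = {}, defaultdict(set), None
    for pc in sorted(insns):
        if pc in leaders or cur is None:
            cur = pc
            blocks[cur] = []
        blocks[cur].append(pc)
        length, kind, target = insns[pc]
        nxt = pc + length
        if kind == "ret":
            cur = None
        elif kind == "jmp":
            edges[cur].add(target)
            cur = None
        elif kind in ("jcc", "call"):
            edges[cur].update({target, nxt})
            cur = None
        elif nxt in leaders:              # straight-line run into a leader
            edges[cur].add(nxt)
            cur = None
    return blocks, dict(edges)


def block_coverage(blocks, trace):
    """Map executed addresses (e.g. from leader breakpoints) to their
    blocks; return (set of hit block starts, fraction of blocks hit)."""
    owner = {pc: start for start, pcs in blocks.items() for pc in pcs}
    hit = {owner[pc] for pc in trace if pc in owner}
    frac = (len(hit) / len(blocks)) if blocks else 0.0
    return hit, frac


# Constructed sample: nop; jnz +5; call +7; jmp +3; three dead nops;
# nop; ret; nop; ret.  Block starts end up at 0x00,0x03,0x08,0x0D,0x0F.
CODE = bytes.fromhex("90 7505 e807000000 eb03 909090 90c3 90c3")
# Constructed trace: the jnz was taken once, the call never executed.
TRACE = [0x00, 0x01, 0x08, 0x0D, 0x0E]

if __name__ == "__main__":
    blocks, edges = find_basic_blocks(CODE)
    for start, pcs in blocks.items():
        print(f"block {start:#04x}: {[hex(p) for p in pcs]} -> "
              f"{sorted(hex(s) for s in edges.get(start, ()))}")
    hit, frac = block_coverage(blocks, TRACE)
    print(f"hit {sorted(hex(h) for h in hit)}  coverage {frac:.0%}")
```

The dead nops at 0x0A-0x0C are never decoded because nothing branches to them and no straight-line path reaches them, which is the property that distinguishes this traversal from a linear sweep and why the resulting block count is a meaningful coverage denominator.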
