This repository has been archived by the owner on May 15, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 57
Home
Allen D. Householder edited this page Apr 12, 2024
·
7 revisions
You should probably start here: https://vuls.cert.org/confluence/display/tools/CERT+BFF+-+Basic+Fuzzing+Framework
- CERT Basic Fuzzing Framework - May 26, 2010
- CERT Basic Fuzzing Framework Update - September 22, 2010
- Updates to CERT Fuzzing Tools (BFF 2.6 & FOE 2.0.1) - October 25, 2012
- A Look Inside CERT Fuzzing Tools - November 5, 2012
- The Risks of Microsoft Exchange Features that Use Oracle Outside In - June 4, 2013
- Mining Ubuntu for Interesting Fuzz Targets - August 15, 2013
- One Weird Trick for Finding More Crashes - September 23, 2013
- Attaching the Rocket to the Chainsaw - Behind the Scenes of BFF and FOE's Crash Recycler - September 30, 2013
- BFF 2.7 on OS X Mavericks - October 23, 2013
- Feeling Insecure? Blame Your Parent! - February 3, 2014
- Visualizing CERT BFF String Minimization - June 6, 2016
- The CERT Basic Fuzzing Framework (BFF) contains code by Allen D. Householder and Will Dormann
- CERT Triage Tools was written by Jonathan Foote
- Crash minimization was inspired by Dan Rosenberg's FuzzDiff http://code.google.com/p/fuzzdiff/
- Crash uniqueness is based on a technique described in "Dynamic test generation to find integer bugs in x86 binary linux programs" by David Molnar, Xue Cong Li, and David A. Wagner http://portal.acm.org/citation.cfm?id=1855773
- CERT Triage Tools 1.02 test cases were originally written by Josh Bressers of Red Hat, Inc.
- BFF uses Sam Hocevar's zzuf for fuzzing and crash detection. http://caca.zoy.org/wiki/zzuf
- BFF was originally created by Will Dormann.