What is Fuzzing?

Figure: Example: Fuzzing an image parser application

Modern Fuzzing

Modern fuzzing is used for security and stability testing of a codebase. The software under test is fed a series of inputs that are purposefully mutated during testing, and the fuzzing tool receives feedback about which code each input covered. Unlike traditional or black-box fuzzing, feedback-based fuzzing explores the program state space efficiently and discovers bugs hidden deep in the code.
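The feedback loop described above, as an added example (not CI Fuzz code): a toy image parser with a planted missing bounds check stands in for the target, the labels it records stand in for the coverage an instrumented build reports, and the loop keeps only mutated inputs that reach new coverage, so it walks through the magic bytes and the header field by field instead of guessing them at once. The parser, its format and the seed are constructed for this example.

```python
import random

def parse_image(data: bytes, cov: set) -> int:
    """Toy parser (constructed): 3-byte magic, width, height, then width*height pixel bytes."""
    for i, c in enumerate(b"IMG"):
        if i >= len(data) or data[i] != c:
            cov.add(("magic_mismatch", i)); return -1
    cov.add("magic_ok")
    if len(data) < 5: cov.add("short_header"); return -1
    width, height = data[3], data[4]
    if width == 0: cov.add("zero_width"); return 0
    if height == 0: cov.add("zero_height"); return 0
    cov.add("has_pixels")
    total = 0
    for y in range(height):            # planted bug: the header is trusted and
        for x in range(width):         # nobody checks that the pixel bytes exist,
            total += data[5 + y * width + x]   # so a short file raises IndexError
    return total

def mutate(data: bytes, rng: random.Random) -> bytes:
    """One random mutation: flip a bit, overwrite a byte, insert or delete a byte."""
    buf = bytearray(data)
    pos, choice = rng.randrange(len(buf)), rng.randrange(4)
    if choice == 0:
        buf[pos] ^= 1 << rng.randrange(8)
    elif choice == 1:
        buf[pos] = rng.randrange(256)
    elif choice == 2:
        buf.insert(pos, rng.randrange(256))
    elif len(buf) > 1:
        del buf[pos]
    return bytes(buf)

def fuzz(seed: bytes, max_iters: int = 500_000, rng_seed: int = 1):
    """Keep only inputs that reach new coverage; return (crash or None, corpus, iterations)."""
    rng = random.Random(rng_seed)
    corpus, seen = [seed], set()
    parse_image(seed, seen)
    for it in range(1, max_iters + 1):
        parent = corpus[-1] if rng.random() < 0.5 else rng.choice(corpus)  # newest = frontier
        child = mutate(parent, rng)
        cov = set()
        try:
            parse_image(child, cov)
        except IndexError:               # the planted bug, found with no source access
            return child, corpus, it
        if not cov <= seen:              # new edge reached: keep child as a parent
            seen |= cov
            corpus.append(child)
    return None, corpus, max_iters
```

Calling `fuzz(b"\x00" * 8)` starts from a seed that does not even carry the magic bytes; the returned corpus shows the chain of inputs that each unlocked one more coverage label before the crash.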

Practical Limitations of Fuzzing

Fuzzing is hard to integrate into existing development environments: the integration requires both fuzzing and domain knowledge. Existing tools are usually built by fuzzing experts for other fuzzing experts and are therefore hard to use. These limitations encouraged us to create a solution for developers and experts alike.


Bugs & Vulnerabilities found with Fuzzing:

Advanced Technology

CI Fuzz is based on advanced technology and comes with convincing features and a usable design.
  • Feedback-based fuzzing
    based on instrumentation for common processor architectures
  • Support for the most important architectures
    such as x86/x86-64, ARM, AArch64, MIPS and MIPS64
  • No reliance on source code
    based on advanced binary translation and instrumentation techniques
  • Scalability
    by running tests in virtual environments
  • Fuzzing via different interfaces
    such as networks, files and devices
  • Virtualization and platform-agnostic
    due to the use of QEMU (customizable virtualization software)
  • Simulation of widely used peripherals
    such as Wi-Fi, Bluetooth, CAN bus or serial interfaces
  • Low false-positive rate
    due to actual execution of the code rather than static analysis based on patterns and data flows
  • Structure-aware fuzzing
    to trigger deep states in programs that use custom data types, such as in network protocols. CI Fuzz comes with a set of predefined structures to handle several formats and protocols (JSON/XML/YAML/CSV/...).
  • Stateful fuzzing
    support for fuzzing stateful applications that require the exchange of several messages of a given format to trigger deep states in the code.