Menu

What is Fuzzing?

Image Parser (2)

Example: Fuzzing an image parser application

Modern Fuzzing

Modern fuzzing is used for security and stability testing of the codebase. The software under test is fed with a series of inputs, which are purposefully mutated in the testing process. The testing tool gets feedback about the code covered during the execution of inputs. Unlike traditional or black-box fuzzing, feedback-based fuzzing explores the program state efficiently and discovers bugs hidden deep in the code.

Practical Limitations of Fuzzing

Fuzzing is hard to integrate into existing development environments. The integration requires fuzzing and domain knowledge. Existing tools are usually from fuzzing experts for other fuzzing experts and therefore hard to use. These limitations have encouraged us to create a solution for developers and experts alike.

SOURCE_Fuzzing Limitations

Bugs & Vulnerabilities found with Fuzzing:

microsoft linux chrome

History of Modern Fuzzing

First Introduction of Fuzzing

  • Generation of random inputs
  • Monitoring for crashes, failed built-in code assertions or memory leaks
  • Takes very long to find complex or deeply hidden bugs in the program

1980

AFL Introduced Modern Fuzzing

  • Introduction of feedback-based fuzzing to academia
  • Uses not only randomized inputs but also intelligent algorithms to generate inputs
  • Increased code coverage significantly

2015

Modern Fuzzing Superior in Bug Discovery

  • With modern fuzzing, countless bugs and vulnerabilities have been discovered
  • Google finds 80 % of its bugs with fuzzing alone 16,000 in Google Chrome
  • 11,000 bugs in 160 open source projects

2019

CI Fuzz Platform

  • Until today, fuzzing could only be used by experts
  • CI Fuzz enables experts and developers alike to use fuzzing
  • Unique combination of the latest breakthrough technologies

2020

Advanced Technology

CI Fuzz is based on advanced technology and comes with convincing features and usable design.
  • Feedback-based fuzzing
    based on instrumentations for common -processor -architectures
  • Support for the most important -architecture
    such as X86/64, ARM, AARCH64, MIPS or MIPS64
  • No reliance on source code
    based on advanced binary translation and -instrumentation techniques
  • Scalability
    of running tests in virtual environment
  • Fuzzing via -different -interfaces
    like networks, files, and devices
  • Virtualization and platform-agnostic
    due to the usage of QEMU (customizable -virtualization software)
  • Simulation of widely used peripherals
    such as WIFI, Bluetooth, CANBus or Serial interfaces
  • Low false-positive rate
    due to actual execution of the code rather than -static analysis based on patterns and data flows
  • Structure-aware fuzzing
    to trigger deep states in programs that use custom data types such in network protocols. CI Fuzz comes with a set of predefined structures to handle several formats and protocols (JSON/XML/YAML/CSV/...).
  • Stateful fuzzing
    Support for fuzzing stateful applications that require exchange of several messages of a given format to trigger deep states in the code. 

Get a live demo of how feedback-based fuzzing works!

Get Started