The idea is to be the Network Protocol Fuzzer that we will want to use.
The aim of this tool is to assist during the whole process of fuzzing a network protocol, allowing to define the communications, helping to identify the “suspects” of crashing a service, and much more
- Data Generation modules fully recoded (Primitives, Blocks, Requests)
- Improved Strings fuzzing libraries, allowing also for custom lists, files and callback commands
- Variable data type, which takes a variable set by the session, the user or a Response
- Session fully recoded. Now it is based on TestCases, which contains all the information needed to perform the request, check the response, store data such as errors received, etc.
- Responses added. Now you can define responses with s_response(), This allows to check the response from the server, set variables and even perform additional tests on the response to check if something is wrong
- Monitors now automatically mark TestCases as suspect if they fail
- Added the IPP (Internet Printing Protocol) Fuzzer that we used to find several vulnerabilities in different printer brands during our printers research project (https://www.youtube.com/watch?v=3X-ZnlyGuWc&t=7s)