honggfuzz – general-purpose fuzzer
honggfuzz is a general-purpose, easy-to-use fuzzer that supplies and modifies input to a test program and uses the ptrace() API/POSIX signal interface to detect and log crashes. Some of its features:
- Easy setup: no complicated configuration files or setup are necessary; honggfuzz can be run directly from the command line.
- Fast: multiple honggfuzz instances can be run simultaneously for more efficient fuzzing.
- Powerful analysis capabilities: honggfuzz will use the most powerful process state analysis interface (e.g. ptrace) under a given OS.
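
The mutate, run and detect-crash loop described above, shown in C as an added example that is not honggfuzz code. toy_parse, run_once and fuzz are hypothetical names, the target bug is constructed, and crash detection uses only the waitpid() signal status, not ptrace().

```c
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical target with a constructed bug: aborts on "T" + byte > 0x7f. */
static void toy_parse(const uint8_t *buf, size_t len) {
    if (len >= 2 && buf[0] == 'T' && buf[1] > 0x7f)
        abort(); /* stands in for a crash in a real parser */
}

/* Run the target in a child; return the terminating signal, 0 if clean. */
static int run_once(const uint8_t *buf, size_t len) {
    int status = 0;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) { toy_parse(buf, len); _exit(0); }
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : 0;
}

/* LCG with a fixed seed so that every run mutates the same way. */
static uint32_t rng_state = 0x12345678u;
static uint32_t rng(void) {
    rng_state = rng_state * 1664525u + 1013904223u;
    return rng_state >> 16;
}

/* One-byte mutation per run; on a crash, save the input and return the signal. */
static int fuzz(const uint8_t *seed, size_t len, int iters, uint8_t *crash_out) {
    uint8_t buf[64];
    if (len == 0 || len > sizeof buf) return -1;
    for (int i = 0; i < iters; i++) {
        memcpy(buf, seed, len);
        buf[rng() % len] = (uint8_t)rng();
        int sig = run_once(buf, len);
        if (sig > 0) { memcpy(crash_out, buf, len); return sig; }
    }
    return 0;
}

int main(void) {
    uint8_t crash[2] = {0};
    printf("signal=%d\n", fuzz((const uint8_t *)"T\x01", 2, 1000, crash));
    return 0;
}
```

Running the target in a separate process is what lets the fuzzer survive the crash and record the input that caused it.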
The tool has been used in the past to uncover security vulnerabilities, including CVE-2010-2497, CVE-2010-2498, CVE-2010-2499, CVE-2010-2500, CVE-2010-2519, CVE-2010-2520, CVE-2010-2527, multiple bugs in the libtiff library, multiple bugs in the librsvg library, multiple bugs in the poppler library, and multiple exploitable bugs in IDA-Pro.
You can find more information about honggfuzz and how to use it at this link: https://code.google.com/p/honggfuzz/