Simplefuzz is my latest project. SimpleFuzz is a fuzzer designed with a few objectives in mind:
• Take full advantage of parallel computing
• Be able to exhaustively search a range of possibilities
• Be easy to use for “quick n’ dirty’ fuzzing
• Cater to manual fuzzing and reverse engineering
• Work well for the home user
SimpleFuzz is designed to be used in conjunction with manual fuzzing. It is for the scenario, where through the process of reverse engineering, the user discovered a small amount of control information that they determined is interesting and would like to fuzz. Exhaustively fuzzing a field manually is painful. Typically, a user will try interesting values 0, -1, <large_value_here> in an attempt to trip a bug. However, it is not uncommon that a specific value aside from these extremes triggers a bug.
You’ll have to excuse the random rocket and siren in the background… I was making steak and they served as my timer. Forgot it was in the oven while I was making the video. I also realized in the demo that I actually had limited it to 4 threads for testing purposes. It now runs at the full 100% and a bit faster than what was in the demo.