> I have some time on my hands (about two months) to
> work on a new network protocol fuzzer which I intend
> to write in Python. I don't have much experience in
> Python but my intention is to learn it by writing the
> fuzzer. I am looking for a protocol which is
> interesting and does not yet have a fuzzer for it.
> IMAP and RIP for instance already seem to have
> fuzzers. Anyone any ideas for other protocols?
Your best bet is probably finding a protocol that's:
1. Relatively new, so the implementations are likely buggier. (That way
you can get some fame from publishing new holes you find.)
2. Is implemented by several different software systems. If a new
protocol is only implemented by a single software package, writing a
whole fuzzer for it is kinda overkill.
The one protocol that comes to mind which seems to fit this criteria is
RSS. I know little about it though, so it may not be that interesting
to fuzz.
I would love to see (as I'm sure others on the list would) what you end
up writing.
good luck,
tim
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
|