Defensics is a generational fuzzer, which means it creates test cases based on a detailed model of the input data. The result: test cases that are very realistic but messed up in some way. This technique is highly effective in burrowing into different control paths in the target and revealing vulnerabilities. Subjectively speaking, the test cases have high quality.
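To make "based on a detailed model of the input data" concrete, here is a small generational test-case generator in Python; it is an added example, not code from the original article and not Defensics SDK code. The message layout, field names, and anomaly lists are assumptions invented for illustration.

```python
import struct

# Hypothetical toy protocol (an assumption for this example, not a Defensics model):
# magic (2 bytes) | msg_type (1 byte) | length (2 bytes, big-endian) | payload
MODEL = [
    ("magic", "bytes", b"\xca\xfe"),
    ("msg_type", "u8", 1),
    ("length", "u16", None),  # None means: derive from the payload size
    ("payload", "bytes", b"hello"),
]

# Anomalies per field type: boundary values and size extremes (constructed values).
ANOMALIES = {
    "u8": [0, 0x7F, 0x80, 0xFF],
    "u16": [0, 1, 0x7FFF, 0x8000, 0xFFFF],
    "bytes": [b"", b"\x00", b"A" * 1024],
}

def baseline():
    """Field values of one valid message, taken from the model defaults."""
    return {name: default for name, _, default in MODEL}

def encode(values):
    """Serialize fields in model order; length is derived unless overridden."""
    out = b""
    for name, kind, _ in MODEL:
        v = values[name]
        if name == "length" and v is None:
            v = len(values["payload"])
        if kind == "u8":
            out += struct.pack("B", v)
        elif kind == "u16":
            out += struct.pack(">H", v)
        else:
            out += v
    return out

def generate_cases():
    """Yield (field, anomaly, message): one field broken, all others valid."""
    for name, kind, default in MODEL:
        for bad in ANOMALIES[kind]:
            if bad == default:
                continue  # skip values that would reproduce the valid message
            values = baseline()
            values[name] = bad
            yield name, bad, encode(values)
```

Because the length is derived from the payload unless it is the field under test, an oversized payload still arrives with a correct length, while a length anomaly produces a deliberate mismatch with an otherwise valid message.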
The disadvantage of generational fuzzing is that somebody has to create the data model for the inputs you are fuzzing. Luckily, Defensics already has an impressive array of prebuilt test suites, more than 250 of them, that cover many common network protocols and file formats. It’s like one of those expansive diner menus where you can order everything from scrambled eggs to moo shu pork.
Even so, you will sometimes have to test a piece of software that Defensics does not already have an appropriate test suite for. Maybe it is a proprietary protocol or something relatively obscure.
Regardless, the Defensics SDK allows you to harness the power of Defensics to create test suites for any type of data. In this article, I’ll walk through how easy it is to create such a test suite. I won’t cover the basics of setting up and using the Defensics SDK. For that information, consult the documentation. This article will highlight how to start modeling a custom protocol.