I haven't shown you all the source code, just the most important parts. Once you have everything together, you can load the test suite in Defensics and use it very much like any other Defensics test suite.
Assuming Defensics is on the same network as the test bed virtual machine, you simply tell Defensics the IP address and port number of the target. If you use port 18444, it’s mapped to the fleur container.
By default, Defensics will use implicit TCP instrumentation, which means Defensics assumes the target is still healthy as long as it can keep opening up the TCP port. If we did manage to kill bitcoind, Defensics would no longer be able to open the port and would flag an error.
If you want more information as you’re testing, use the following command to observe output to bitcoind's debug log. As with any fuzz testing, you'll typically see a mix of messages.
Sometimes bitcoind will report the received test case, and sometimes it will complain about one thing or another. Monitoring the log is a good way to confirm that test cases are being received and processed by the target.