Traffic Capture Fuzzer Data Sheet
Test Suite:
Traffic Capture Fuzzer
Direction:
Both

The Capture Test Fuzzer generates test cases based on an user-provided traffic capture file. Protocol implementation running on top of Ethernet, IP, UDP, TCP or SCTP transport can be tested with the fuzzer. The Traffic Capture Fuzzer automatically reverse-engineers communications protocols. Once portions of the protocols are reverse-engineered, the TCF builds tests for security vulnerabilities that could be exploited by black-hat hackers.

Used specifications

Specification
Title
http://wiki.wireshark.org/Development/LibpcapFileFormat

Libpcap file format

http://www.winpcap.org/ntar/draft/PCAP-DumpFileFormat.html

PCAP Next Generation file format (requires Defensics 10.2.0 or later)

Tool-specific information

Features
Notes
Allows testing of unknown protocols

Frame level and application level replay

Generated test cases can be replayed either on application layer or data layer (Ethernet)

IP address spoofing

Client and server testing

Allows user to edit messages

Test tool general features
  • Fully automated black-box negative testing
  • Ready-made test cases
  • Written in Java(tm)
  • GUI command line remote interface modes
  • Instrumentation (health-check) capability
  • Support and maintenance
  • Comprehensive user documentation
  • Results reporting and analysis