vusbf-Framework: A KVM/QEMU based USB-fuzzing framework.
Sergej Schumilo, OpenSource Security Spenneberg 2015
A USB fuzzer that takes advantage of running many virtual machines in parallel and also offers high reproducibility. The framework was first released at Black Hat Europe 2014 and is licensed under GPLv2. vUSBf is written in Python 2 and requires the Scapy framework. The framework provides:
* USB-fuzzing in practical time frames
* multiprocessing and clustering
* export sequences of payloads and replay them for debugging or investigation
* XML-based dynamic test-case generation
* extensibility by writing new test cases, USB emulators or monitoring modules
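The kind of test case such a framework hands to an emulated device is worth seeing concretely. The following is an added example, not vUSBf code: it builds standard USB descriptors from the USB 2.0 layouts, derives mutated variants that break the length and count fields a host driver has to cross-check, walks the result the way a defensive host parser should, and serialises the sequence so a run can be replayed. All function names and the mutation list are this example's own design; vUSBf's XML format is not reproduced here.

```python
"""Constructed example of USB descriptor test-case generation and replay.
Not vUSBf code. Descriptor layouts follow USB 2.0 chapter 9; everything
else (function names, mutation set, export format) is assumed for illustration."""
import struct

# Descriptor type codes (USB 2.0, table 9-5)
DT_DEVICE, DT_CONFIG, DT_INTERFACE, DT_ENDPOINT = 1, 2, 4, 5


def device_descriptor(vid=0x1234, pid=0x5678):
    """18-byte standard device descriptor (USB 2.0, table 9-8). IDs are made up."""
    return struct.pack("<BBHBBBBHHHBBBB",
                       18, DT_DEVICE, 0x0200,   # bLength, bDescriptorType, bcdUSB
                       0, 0, 0, 64,             # class, subclass, protocol, bMaxPacketSize0
                       vid, pid, 0x0100,        # idVendor, idProduct, bcdDevice
                       1, 2, 3, 1)              # iManufacturer, iProduct, iSerialNumber, bNumConfigurations


def config_descriptor(num_endpoints=1):
    """Configuration + one vendor-class interface + num_endpoints bulk-IN endpoints
    (USB 2.0 tables 9-10, 9-12, 9-13). wTotalLength is computed, so the result is coherent."""
    iface = struct.pack("<BBBBBBBBB", 9, DT_INTERFACE, 0, 0, num_endpoints, 0xFF, 0, 0, 0)
    eps = b"".join(struct.pack("<BBBBHB", 7, DT_ENDPOINT, 0x81 + i, 0x02, 512, 0)
                   for i in range(num_endpoints))
    body = iface + eps
    cfg = struct.pack("<BBHBBBBB", 9, DT_CONFIG, 9 + len(body), 1, 1, 0, 0x80, 50)
    return cfg + body


def mutate_config(base):
    """Yield (name, bytes) test cases derived from a valid configuration descriptor.
    Each one breaks a field the host must cross-check before trusting it."""
    def patch(buf, off, val):
        b = bytearray(buf)
        b[off] = val
        return bytes(b)
    yield "baseline", base
    yield "cfg_bLength_zero", patch(base, 0, 0)            # parser advancing by bLength never moves
    yield "cfg_bLength_255", patch(base, 0, 255)           # descriptor claims to extend past the buffer
    yield "wTotalLength_short", base[:2] + struct.pack("<H", 9) + base[4:]        # hides the interface
    yield "wTotalLength_huge", base[:2] + struct.pack("<H", 0xFFFF) + base[4:]    # more than was transferred
    yield "iface_bNumEndpoints_over", patch(base, 9 + 4, 16)   # counts endpoints that are not there
    yield "endpoint_bLength_short", patch(base, 18, 3)         # endpoint shorter than its own fields


def check_config(buf):
    """Walk a configuration descriptor as a defensive host driver should.
    Returns a list of inconsistencies; an empty list means the descriptor is coherent."""
    findings = []
    if len(buf) < 9 or buf[0] != 9 or buf[1] != DT_CONFIG:
        return ["bad configuration header"]
    total = struct.unpack_from("<H", buf, 2)[0]
    if total != len(buf):
        findings.append(f"wTotalLength {total} != {len(buf)} bytes received")
    limit = min(total, len(buf))           # never trust wTotalLength beyond what arrived
    off, declared_eps, seen_eps = 9, 0, 0
    while off < limit:
        blen = buf[off]
        if blen < 2:
            findings.append(f"bLength too short at offset {off}")
            break                          # advancing by 0 or 1 would loop or misparse
        if off + blen > limit:
            findings.append(f"descriptor at offset {off} overruns buffer")
            break
        dtype = buf[off + 1]
        if dtype == DT_INTERFACE and blen >= 9:
            declared_eps += buf[off + 4]
        elif dtype == DT_ENDPOINT:
            if blen < 7:
                findings.append(f"endpoint descriptor at offset {off} too short")
            else:
                seen_eps += 1
        off += blen
    if declared_eps != seen_eps:
        findings.append(f"bNumEndpoints total {declared_eps} != {seen_eps} endpoint descriptors")
    return findings


def export_sequence(cases):
    """Serialise (name, bytes) cases as 'name hex' lines so a run can be replayed."""
    return "\n".join(f"{name} {data.hex()}" for name, data in cases)


def import_sequence(text):
    """Inverse of export_sequence."""
    return [(n, bytes.fromhex(h)) for n, h in
            (line.split(" ", 1) for line in text.splitlines() if line)]


if __name__ == "__main__":
    base = config_descriptor()
    for name, data in mutate_config(base):
        print(f"{name:28s} {check_config(data) or 'ok'}")
```

Each mutated case is something a host-side parser can be made to mis-handle only if it trusts the device's own length fields; the walker shows the cross-checks (received length versus wTotalLength, bLength versus remaining buffer, declared versus present endpoints) that the emulated device is probing for. The export format keeps the case name next to the bytes so a crash seen in one VM can be replayed in isolation.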
R00tkitSMM has created a Windows win32k.sys fuzzer project called Win32k-Fuzzer:
Fuzz and Detect “Use After Free” vulnerability in win32k.sys (Heap based)
“Win32k.sys for Windows is like Java for internet.”
Hubert Kario of Red Hat announced a new tool on the OSS-security list today. The tool, ‘tlsfuzzer’, is for reproducing, testing and (in the future) automatically finding issues in TLS implementations.
I’m looking forward to seeing if this can help test Tianocore’s HTTPS support, when TLS is added. 🙂
For more information, see the full post on the OSS-security list.
KLEE is an LLVM-based symbolic execution engine, often used alongside fuzzers. Life with QEMU/OVMF will hopefully get more interesting, especially with SMM moving into OVMF.