Peach Fuzzer™ performs security testing on a system, application, embedded device, or kernel-mode software using automatically generated test cases. An end-to-end solution. Your task is to define the data format from an RFC or from an interface definition. Peach Fuzzer finds the bugs; then, reproduces each bug to ensure its validity.
Peach Fuzzer introduced the concept of state modeling, or using models of the data flow as part of its security tests. Now, you can detect the effects of illegal state transitions without code. Maybe your test target doesn't crash from illegal state shifts; but, it could show signs of instability from the bombardment of illegal state transitions. And, this feature is part of the core system.
Want to let the fuzzer do the work? Good. Use the web-based user interface to pick a predefined fuzzing definition for your target, select a monitor or two that are suitable for your bench setup, and start the fuzzing session. Once started, Peach provides ongoing status and gives results--aggregate or drill-down.
External devices. Proprietary systems. Protocol extensions. Peach Fuzzer has the tools so that that you and your team can fully fuzz the test subject. Today.
The process is simple:
1. Select a fuzzing setup fit for your target.
2. Select test monitors.
3. Run the tests.
Then, see the status and view the results, aggregate or
Data layouts only, please.
That's all the Peach Fuzzer needs to generate the tests with which it buffets the test target: causing crashes, creating unstable states, and uncovering other security and reliability issues.
Peach Fuzzer grows along with you.
Today, build a custom fuzzing setup for a new application, device or protocol.
Not enough? Then, augment the Peach Fuzzer platform with custom components.
for millions of tests, for entire fuzzing runs, and
for concurrent fuzzing sessions.
The result: your team increases coverage and depth of your software assurance efforts.