Don't like it? Trash it. I did. But on the other side, you ask for comments for your fuzzers I give somes constructive . Don't like it ? stay blind & Trash it :) Pete Licoln wrote: > Hi Jeremy, > > I think this fuzzer is useless, and doesn't have any kind of innovation. > This fuzzer acts as a cheap binary fuzzer, without any automation on > the targeted browser, like your others fuzzers you've wrote. > There's severals DOM CSS DHTML fuzzers written in JS way more > powerfull, did you heard about them ? > > Next time take some times before releasing such useless stuff. > > > Regards > > > > 2009/1/31 Krakow Labs <[email protected] <mailto:[email protected]>> > > That is one point I would like to get across: fuzzing doesn't have > to be > and frequently isn't random, no matter how much the wikis copy its > 'definition'. The fuzzing oracle is the heart of the fuzzing process, > and making sure it is adequate to check for bugs is, I feel, a key to > being successful when fuzzing. I understand that near complete > randomness can be effective as demonstrated with mangleme, etc, but I > rarely choose that approach when working on projects; I just do not > think of it as a huge benefit. And the number of fuzzing files is > limited to the functions and tags and to the fuzzing oracle, all of > which can be modified and rearranged. Information, information, > information :) > > You did ask some good questions, thanks for your input. > > webDEViL wrote: > > Hello Jeremy, > > > > I am in no way trying to criticise your work, just had a few > questions > > that I had to ask :) > > > > Your fuzzers are like meant to be run only once, cause pretty much > > everyone will have the same files created. > > Why isnt there any randomness in creating the fuzzed files? > > bf2[phase four] JS Process Complete (Final Count: 8004). > > > > Well I am saying that your fuzzer will die, in like a day, cause the > > number of files is finite and very few in number. > > Whats the point with such fuzzers being released to the community? > > > > > > > > Regards, > > webDEViL > > > > > > On Fri, Jan 30, 2009 at 11:14 PM, Krakow Labs > <[email protected] <mailto:[email protected]> > > <mailto:[email protected] <mailto:[email protected]>>> wrote: > > > > Krakow Labs Development > > > > Browser Fuzzer 2 (bf2) is a comprehensive web browser fuzzer > that > > fuzzes > > CSS, DOM, HTML and JavaScript. > > > > bf2 is available @ www.krakowlabs.com > <http://www.krakowlabs.com> <http://www.krakowlabs.com> > > <http://www.krakowlabs.com> > > > > -KL > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
