4f: The File Format Fuzzing Framework
4f is a file format fuzzing framework. 4f uses modules which are specifications of the targeted binary or text file format that tell it how to fuzz the target application. If 4f detects a crash, it will log crucial information important for allowing the 4f user to reproduce the problem and also debugging information important to deciding the severity of the bug and its exploitability.
4f’s purpose is to find vulnerabilities in code that parses file formats including configuration files.
4f uses specialized modules for fuzzing code that interprets file formats. Several modules are included and more can be written to follow other file formats.
A module system is in place for fuzzing any file format you like as long as you know its specification
Custom debugger gathers crucial debugging information on crash, logs it, then continues fuzzing.
Usage
USAGE DETAILS
USAGE: ./4f <-T /usr/bin/target> <-M #> [-N fuzz.conf]
[-A ARGS] [-R /output] [-L log.txt] [-C] [-D]
INFO: [-O Fuzzing Oracle] [-S Modules Available]You can download 4f here:
Or read more here.
Tweet
Posted in: 
Recent in Exploits/Vulnerabilities:
- No BEAST Fix From Microsoft In December Patch Tuesday – But They Fixed Duqu Bug
- Apple Bans Security Researcher Charlie Miller For Exposing iOS Exploit
- Rec Studio 4 – Reverse Engineering Compiler & Decompiler
Related Posts:
- Fuzzled – PERL Fuzzing Framework
- Tutorial for Fuzzled – Writing a Fuzzer with the Fuzzled Framework
- Browser Fuzzer 3 (bf3) – Comprehensive Web Browser Fuzzing Tool
Most Read in Exploits/Vulnerabilities:
- Learn to use Metasploit – Tutorials, Docs & Videos - 191,045 views
- AJAX: Is your application secure enough? - 115,587 views
- eEye Launches 0-Day Exploit Tracker - 81,071 views
Recent Comments