Peach Fuzzing Platform – Smarfuzzer For Generation & Mutation Based Fuzzing


Peach is a SmartFuzzer that is capable of performing both generation and mutation based fuzzing.

There are typically two methods for producing fuzz data that is sent to a target, Generation or Mutation. Generational fuzzers are capable of building the data being sent based on a data model provided by the fuzzer creator. Sometimes this is simple and dumb as sending random bytes, or much smarter by knowing good values and combining them in interesting ways.

Mutation on the other hand starts out with a known good “template” which is then modified. However, nothing that is not present in the “template” or “seed” will be produced. For example, if a file format specified 18 types of chunks or optional data segments and the “template”/”seed” only used four (4) of them, a mutational based fuzzer would never generate the other chunks not present only modify the chunks it is presented with.

Peach requires the creation of PeachPit files that define the structure, type information, and relationships in the data to be fuzzed. It additionally allows for the configuration of a fuzzing run including selecting a data transport (Publisher), logging interface, etc.

Peach Pit files are XML files that contain all of the information needed for Peach to perform a fuzzing run. When you fuzz something with Peach you are creating a Peach Pit file.

Peach has been under active development for five years and is in its second major version.

You can read the Peach Quickstart here to get going.

Requirements

  • For Windows install Debugging Tools for Windows (download)
  • For Linux Install Python 2.5 (2.6 is OK)

You can download Peach here:

Windows – x86 Installer, x64 Installer
Linux – Peach-2.3.6-src.zip

Or read more here.

Posted in: Exploits/Vulnerabilities, Hacking Tools, Secure Coding

, , ,


Latest Posts:


HiddenWall - Create Hidden Kernel Modules HiddenWall – Create Hidden Kernel Modules
HiddenWall is a Linux kernel module generator used to create hidden kernel modules to protect your server from attackers.
Anteater - CI/CD Security Gate Check Framework Anteater – CI/CD Security Gate Check Framework
Anteater is a CI/CD Security Gate Check Framework to prevent the unwanted merging of filenames, binaries, deprecated functions, staging variables and more.
Stardox - Github Stargazers Information Gathering Tool Stardox – Github Stargazers Information Gathering Tool
Stardox is a Python-based GitHub stargazers information gathering tool, it scrapes Github for information and displays them in a list tree view.
ZigDiggity - ZigBee Hacking Toolkit ZigDiggity – ZigBee Hacking Toolkit
ZigDiggity a ZigBee Hacking Toolkit is a Python-based IoT (Internet of Things) penetration testing framework targeting the ZigBee smart home protocol.
RandIP - Network Mapper To Find Servers RandIP – Network Mapper To Find Servers
RandIP is a nim-based network mapper application that generates random IP addresses and uses sockets to test whether the connection is valid or not with additional tests for Telnet and SSH.
Nipe - Make Tor Default Gateway For Network Nipe – Make Tor Default Gateway For Network
Nipe is a Perl script to make Tor default gateway for network, this script enables you to directly route all your traffic from your computer to the Tor network.


Comments are closed.