{"id":845,"date":"2008-05-21T07:53:41","date_gmt":"2008-05-21T07:53:41","guid":{"rendered":"https:\/\/www.darknet.org.uk\/?p=845"},"modified":"2015-09-09T19:39:27","modified_gmt":"2015-09-09T11:39:27","slug":"tmin-test-case-optimizer-for-automated-security-testing","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2008\/05\/tmin-test-case-optimizer-for-automated-security-testing\/","title":{"rendered":"Tmin – Test Case Optimizer for Automated Security Testing"},"content":{"rendered":"
[ad]<\/p>\n
Tmin is a simple utility meant to make it easy to narrow down complex test cases produced through fuzzing. It is closely related to another tool of this type, delta<\/a>, but meant specifically for unknown, underspecified, or hard to parse data formats (without the need to tokenize and re-serialize data), and for easy integration with external UI automation harnesses.<\/p>\n It also features alphabet normalization to simplify test cases that could not be further shortened.<\/em><\/p>\n Example<\/strong><\/p>\n You can download Tmin 0.03 here:<\/p>\n$ cat testcase.in\r\nThis is a lengthy and annoying hello world testcase.\r\n\r\n$ cat testme.sh\r\n#!\/bin\/bash\r\n\r\ngrep \"el..*wo\" || exit 0\r\nexit 1\r\n\r\n$ ..\/tmin -x .\/testme.sh\r\ntmin - complex testcase minimizer, version 0.03-beta (lcamtuf@google.com)\r\n[*] Stage 0: loading 'testcase.in' and validating fault condition...\r\n[*] Stage 1: recursive truncation (round 1, input = 53\/53)\r\n[*] Stage 1: recursive truncation (round 2, input = 27\/53)\r\n[*] Stage 1: recursive truncation (round 3, input = 14\/53)\r\n[*] Stage 1: recursive truncation (round 4, input = 10\/53)\r\n[*] Stage 1: recursive truncation (round 5, input = 8\/53)\r\n[*] Stage 1: recursive truncation (round 6, input = 7\/53)\r\n[*] Stage 2: block skipping (round 1, input = 7\/53)\r\n[*] Stage 2: block skipping (round 2, input = 6\/53)\r\n[*] Stage 2: block skipping (round 3, input = 5\/53)\r\n[*] Stage 3: alphabet normalization (round 1, charset = 5\/5)\r\n[*] Stage 3: alphabet normalization (round 2, charset = 5\/5)\r\n[*] Stage 4: character normalization (round 1, characters = 4\/5)\r\n[*] All done - writing output to 'testcase.small'...\r\n\r\n== Final statistics==\r\n Original size : 53 bytes\r\nOptimized size : 5 bytes (-90.57%)\r\nChars replaced : 1 (1.89%)\r\n Efficiency : 9 good \/ 49 bad\r\n Round counts : 1:6 2:3 3:2 4:1\r\n\r\n$ cat testcase.small\r\nel0wo<\/code><\/pre>\n