SmartRocket Fuzzer

The fuzzy testing tool SmartRocket Fuzzer

Product overview

Fuzz testing is a method of detecting software vulnerabilities by providing unexpected input to the target system and monitoring for abnormal results.

The implementation of fuzz testing is a very simple process:

The SmartRocket Fuzzing Fuzzing test tool is a new generation weapon for DevSecOps. By inserting the software source code or binary program, it realizes the software runtime state monitoring, and continuously outputs more effective test cases to traverse the new or unpredictable execution path, thus triggering various exceptions and restoring the existing vulnerabilities. It applies program analysis, reverse engineering, code piling, symbol execution and artificial intelligence and other cutting-edge technologies in the computer field.


Features

  • Overlay guidance test

    By piling the program and trying to approximate all the execution paths of the program, test cases are generated automatically through various algorithms to discover potential defects in the program. It applies program compilation, control flow analysis,

  • Analysis of defects and vulnerabilities

    Automatic analysis of defects and vulnerabilities can be detected in the following types:1.Runtime error: division by 0, segment error, dead loop, deadlock;2.Memory security defects: heap overflow, stack overflow, buffer overflow;3.Assertion issue exposed

  • C/C++ source code engineering

    Support for C/C++ language source code fuzzy testing. Integration testing for source code engineering is very simple in three steps:1.Provide a directory or package of source code projects that can be compiled, determine the way to build them automaticall

  • Binary program

    1.Binary programs can be run directly or in a virtual machine environment.2.Binaries are divided into applications and services or dynamic libraries.3.For applications which is similar to source code compiled directly after execution in the environment.

Value advantage

  • Perfect automatic vulnerability discovery system

    With the rapid development of information technology, the functions and scale of software are increasing day by day, and the traditional testing and defect analysis methods relying on human hands cannot meet the needs of the future. How to ensure the reliability and security of software has become an increasingly serious challenge.

    Fuzziness tests automatically generate test cases to discover potential defects in a program by attempting to approximate all execution paths of the program. Fuzz testing can also be integrated into the original CI/CD/DevOps development process as a continuous deployment process, and become a complete set of automated vulnerability discovery system to help customers find bugs and vulnerabilities efficiently, quickly and easily.

     

Typical applications

The embedded integrated fuzzy testing tool is mainly used in the integrated testing of safety-related fields, such as aerospace, rail transit, automobile electronics and other fields. Fuzzy-testing method is used to find the potential defects in the software program, so as to enhance the robustness and security of the software effectively.
  • Aeronautics and astronautics

  • rail traffic

  • Automotive electronics