SmartRocket TestSec is an automated, intelligent black-box fuzzing and penetration testing tool designed for industrial-internet software. It focuses on communication protocols and basic software components, performing a wide variety of fuzzing attacks, penetration attacks, and security-function verification activities. The tool helps organizations effectively discover and remediate potential security vulnerabilities in industrial-control communication systems. By means of automated, systematic, and intelligent fuzz-testing methodologies, SmartRocket TestSec significantly improves system robustness and overall security posture.
The tool supports one-click testing. Users can configure corresponding test cases based on protocol templates, selecttest cases according to requirements, and start testing.
The tool supports real-time display of packet data on the network card. Clicking it will show detailed information, and the displayed packets can be filtered, stored, scrolled, cleared, etc.
The tool supports constructing custom packets based on Ethernet Il, TCP, UDP, IPV4, ICMPV4, ARP, SOME/IP, DOIP protocols and sending them.
For each protocol, the tool uses protocol modeling to build test cases, thereby ensuring100% coverage of protocol state machines and fields.
The tool uses a black-box testing approach, with no need to access the source code during use. The tool embeds test scripts, from test case generation, management, execution, to report generation, fully automating the operation.
Every test case of the tool is open to users. Users can view the interaction flow and specific content of test case packets and how exceptional cases are generated.
The tool provides bidirectional testing for some specific protocols from both server and client side, ensuring complete coverage of protocol packets.
Users can add and customize based on the existing protocol templates or rules of the tool, meeting the feasibility depth requirements of fuzz testing. Supports customized test report templates, providing multidimensional system security analysis based on customer needs.
N/WP29 R155, T/GHDO 89.2-2022, 20214422-Q-339, GB/T 40861-2021, GB/T 40857-2021, GB/T 40856-2021
