"The Codenomicon tools are amazing. Using them is like being attacked by the most relentless adversary who uses every possible method to find flaws in your code

We fixed subtle crash bugs in Samba that had been in the code for over ten years. We would never have found those bugs without the Codenomicon tools.

If you're serious about implementing protocols correctly, you need the Codenomicon tools."

-- Jeremy Allison,
   Co Creator of Samba


"Codenomicon has found a critical focus area which expands beyond web testing, where the XML industry has an opportunity to proactively assess the security holes contained in everyday services used by the general public. I would hope the industry warmly welcomes both the research results and an innovative testing solution to help diagnose the problems."

Prof. Howard A. Schmidt
former White House Cyber Security advisor & Codenomicon board member

DEFENSICS™ Universal Fuzzer   pdf

Introduction | Features | Benefits | Screenshots

Features

The most effective way to protect your systems against zero-day attacks is find and discover unknown, zero-day vulnerabilities in your systems proactively. Fuzzing is a technique used by hackers to find unknown vulnerabilities. Fuzzing your own software before deployment or integration will make the software more robust and secure.

The Universal Fuzzer enables both software vendors and corporation using their products to test file formats and devices and software used to read them. By doing this software vendors can improve the quality of their products compared to their competitors and companies can avoid attacks that could compromise their reputation and sales.

» TESTS ANYTHING: If you can present the data in file format, then you can test it with the universal fuzzer. Use the Universal Fuzzer to test image files, captured protocol messages, text documents, wireless frames, etc.

» INTELLIGENT FUZZING: Most fuzzers only perform random mutation fuzzing. The Codenomicon Universal Fuzzer utilizes heuristics to determine data structures, thus it is able to generate more intelligent test cases.

» EASY TO CREATE AND EXECUTE: The Universal Fuzzer does not require any protocol specific customization. Test cases are automatically generated from sample template files.

» BROAD COVERAGE: The Universal Fuzzer utilizes 15 different Fuzzers to generate test cases giving you a broad spread of what types of attacks your software will have to endure.

» CLEAR GUI AND AUTOMATED REPORTING FEATURES: The Universal Fuzzer can be run through the Defensics GUI making it easy to control 15 fuzzers simultaneously. You will also the benefit of Defensics' automated reporting features: simply click on a link in the report to reproduce test vulnerabilities.

» DIFFERENT TEST EXECUTION METHODS: The test cases can be run directly at the test target, or they can be injected using network connection. The test cases can also be sent using our built-in HTTP server.

Testing Process

Testing process is simple:

» Select your sample files. The more sample files you have, the more accurate the tests.
» Choose how many test cases you want to run.
» Decide which fuzzers you want to use and which ratio.
» Generate test cases and choose how you want to execute them.
» Report and mitigate.

Contact us for more information

First Name:

Last Name:

E-Mail:

Country:

Which product/service are you
interested in?

reCAPTCHA:

New Codenomicon Defensics Fuzzing Platform Released

Sign up for our newsletter

Facebook Facebook Facebook