Excerpt |
---|
CERT |
...
Failure |
...
Observation |
...
Engine |
...
(FOE) |
...
Significant |
...
changes |
Table of Contents |
---|
FOE 2.1
...
(September
...
23,
...
2013)
...
Environment changes
- Upgraded to MSEC !exploitable 1.6
Code changes
- Crash uniqueness determined by exception chains - Improved exploitability bucketing of exception chains
- Dynamic timeouts (CPU-usage-driven)
...
- for
...
- GUI
...
- applications
- Zip seed file awareness (fuzz contents, not container)
- New and improved scripts in the tools directory
- Simplified usage
- Optional feature to recycle crashing test cases as seed files
- Minimization to string defaults to Metasploit string
- Various bug fixes and improved error handling
FOE 2.0.1
...
(October
...
19,
...
2012)
...
Code
...
changes
- BFF 2.6
...
- and
...
- FOE
...
- 2.0.1
...
- use
...
- the
...
- same
...
- certfuzz
...
- package
- Fixed a bug in minimizer crash recycling
- Various bug fixes and improved error handling
FOE 2.0 (July 20, 2012)
Environment changes
- Upgraded to python 2.7
Code changes
- Improved support for multiple seed files
- Crashes found during minimization get analyzed as well
- Improved machine learning implementation applied to both seed file selection and rangefinder
- Minimizer tuned for performance
- Optional minimization-to-string feature
- Continues handled exceptions
- Button clicker included
- New drillresults.py script for picking out interesting crashes
- Added new fuzzers: drop, insert, truncate, verify
- Refactored into object-oriented code
- Merged in many other features from CERT's Basic Fuzzing Framework (BFF) for Linux v2.5
FOE 1.0 (April 20, 2012)
- Initial Release