CERT Failure Observation Engine (FOE) Significant changes
FOE 2.1 (September 23, 2013)
Environment changes
Upgraded to MSEC !exploitable 1.6
Code changes
Crash uniqueness determined by exception chains - Improved exploitability bucketing of exception chains
Dynamic timeouts (CPU-usage-driven) for GUI applications
Zip seed file awareness (fuzz contents, not container)
New and improved scripts in the tools directory
Simplified usage
Optional feature to recycle crashing test cases as seed files
Minimization to string defaults to Metasploit string
Various bug fixes and improved error handling
FOE 2.0.1 (October 19, 2012)
Code changes
BFF 2.6 and FOE 2.0.1 use the same certfuzz package
Fixed a bug in minimizer crash recycling
Various bug fixes and improved error handling
FOE 2.0 (July 20, 2012)
Environment changes
Upgraded to python 2.7
Code changes
Improved support for multiple seed files
Crashes found during minimization get analyzed as well
Improved machine learning implementation applied to both seed file selection and rangefinder
Minimizer tuned for performance
Optional minimization-to-string feature
Continues handled exceptions
Button clicker included
New drillresults.py script for picking out interesting crashes
Added new fuzzers: drop, insert, truncate, verify
Refactored into object-oriented code
Merged in many other features from CERT's Basic Fuzzing Framework (BFF) for Linux v2.5
FOE 1.0 (April 20, 2012)
Initial Release