Kyle Marsh
18c3fe53c2
S3 Fuzzer: Output and garbage data tweaks.
...
- Output tweaks
- added support for printable_no_whitespace and binary_no_whitespace
2011-09-12 13:03:55 -07:00
Kyle Marsh
23fee1476a
S3 Fuzzer: Start Fuzzing
...
- tweak yaml decision graph
- add test setup bucket creation, etc.
- add output with varying levels of verbosity
2011-09-12 13:01:07 -07:00
Kyle Marsh
e12f124686
S3 Fuzzer: Change how random data works
...
Remove SpecialVariables dict subclass in favor of RepeatExpandingFormatter
string.Formatter subclass.
2011-09-12 12:58:57 -07:00
Kyle Marsh
14288ad2f6
S3 Fuzzer: Incorporate Tv's suggestions
...
Tv looked over the fuzzer and had some idiomatic and design suggestions.
Adds several tests and reworks how expansion happens in addition to idiom
changes.
2011-09-12 12:57:43 -07:00
Kyle Marsh
bb7111a0d1
S3 Fuzzer: Write Decision Graph
...
Start writing the decision graph describing the fuzzer's attack surface in
earnest.
2011-09-12 12:55:32 -07:00
Kyle Marsh
62bd05a390
S3 Fuzzer: Handle null choices
...
Sometimes you might want to have your current node terminate the descent or
set something to the empty string.
2011-09-12 12:53:18 -07:00
Kyle Marsh
d7b49713f7
S3 Fuzzer: Implmented headers and made random safe
...
Random can sometimes include } or { which will confuse the string formatter.
Formatter escapes those values when they're doubled: }}, {{ but this
required some slight hacking to the expander.
2011-09-12 12:53:18 -07:00
Kyle Marsh
3f1314f7c8
S3 Fuzzer: set values can be weighted lists now
2011-09-12 12:53:18 -07:00
Kyle Marsh
4737652fc1
S3 Fuzzer: Added binary mode to random data generator
2011-09-12 12:53:18 -07:00
Kyle Marsh
195571b555
S3 Fuzzer: support weights for choices
2011-09-12 12:53:18 -07:00
Kyle Marsh
f5bb3f9c15
S3 Fuzzer: implemented decision expansion
...
Decision reached by descending the graph describing the attack surface can
be expanded to fill in all the placeholders
2011-09-12 12:53:17 -07:00
Kyle Marsh
7d9ec02686
S3 Fuzzer: Added SpecialVariables dict subclass
...
Helper class to catch sentinal keys and turn them into random values. This
will be used to generate garbage data when expanding a decision.
Also add unit tests for expand_decision and assemble_decision
2011-09-12 12:52:37 -07:00
Kyle Marsh
a9a41a2891
S3 Fuzzer: began writing graph descent
...
still missing headers and choice weights
2011-09-12 12:52:37 -07:00
Kyle Marsh
fc93c02963
S3 Fuzzer: Change direction towards decision tree
...
Fuzzer now builds requests based on a DAG that describes the request space
and attack surface.
2011-09-12 12:51:01 -07:00