Fuzzman is a simple perl script from cipher.org.uk (the guys that brought you bugle). It is a simple perl script that inspects the man page for a command and enumerates through the combinations of command line options. It then creates a shell script that will run the commands with fuzzing data, such as buffer overflow or format strings. You then run the shell script and look for a crash. It's a simple automated script, with some simple changes you could even make it part of your automated testing suite.
For more information on fuzzman, examples and download go to:
http://www.cipher.org.uk/read/2007/04/18/fuzzman-man-pages-based-fuzzer/
Pros:
By generating the fuzzing script from man pages it can fuzz any binary that has a man page.
Cons:
Many binaries are missing or have inconsistent man pages.
For more information on fuzzman, examples and download go to:
http://www.cipher.org.uk/read/2007/04/18/fuzzman-man-pages-based-fuzzer/
Pros:
By generating the fuzzing script from man pages it can fuzz any binary that has a man page.
Cons:
Many binaries are missing or have inconsistent man pages.
