ToothPicker

ToothPicker

Secure Mobile Networking Lab
+
+

Related Products

  • MASV
    80 Ratings
    Visit Website
  • Wiz
    1,446 Ratings
    Visit Website
  • Air
    845 Ratings
    Visit Website
  • Dragonfly
    16 Ratings
    Visit Website
  • Cloudbrink
    28 Ratings
    Visit Website
  • Price2Spy
    229 Ratings
    Visit Website
  • CirrusPrint
    2 Ratings
    Visit Website
  • PDFCreator
    536 Ratings
    Visit Website
  • NeuBird
    2 Ratings
    Visit Website
  • Everstage
    3,550 Ratings
    Visit Website

About

Fuzzing is a powerful strategy to find bugs in software. The idea is quite simple, which is to generate a large number of randomly malformed inputs for the software to parse and see what happens. If the program crashes then something is likely wrong. While fuzzing is a well-known strategy, it is surprisingly easy to find bugs, often with security implications, in widely used software. Memory access errors are the errors most likely to be exposed when fuzzing software that is written in C/C++. While they differ in the details, the core problem is often the same, the software reads or writes to the wrong memory locations. A modern Linux or BSD system ships a large number of basic tools that do some kind of file displaying and parsing. In their current state, most of these tools are not suitable for untrusted inputs. On the other hand, we have powerful tools these days that allow us to find and analyze these bugs.

About

ToothPicker is an in-process, coverage-guided fuzzer for iOS. It was developed to specifically target iOS's Bluetooth daemon and to analyze various Bluetooth protocols on iOS. As it is built using FRIDA, it can be adapted to target any platform that runs FRIDA. This repository also includes an over-the-air fuzzer with an exemplary implementation to fuzz Apple's MagicPairing protocol using InternalBlue. Additionally, it contains the ReplayCrashFile script that can be used to verify crashes the in-process fuzzer has found. This is a very simple fuzzer that only flips bits and bytes of inactive connections. No coverage, no injection, but nice as a demo and stateful. Runs just with Python and Frida, no modules or installation are required. ToothPicker is built on the codebase of frizzer. It is recommended to set up a virtual Python environment for frizzer. Starting from the iPhone XR/Xs, PAC has been introduced.

Platforms Supported

Windows
Mac
Linux
Cloud
On-Premises
iPhone
iPad
Android
Chromebook

Platforms Supported

Windows
Mac
Linux
Cloud
On-Premises
iPhone
iPad
Android
Chromebook

Audience

Developers and anyone in need of a tool to improve the security of their software applications

Audience

Professional users interested in a fuzzing solution to test their iOS applications

Support

Phone Support
24/7 Live Support
Online

Support

Phone Support
24/7 Live Support
Online

API

Offers API

API

Offers API

Screenshots and Videos

Screenshots and Videos

Pricing

Free
Free Version
Free Trial

Pricing

Free
Free Version
Free Trial

Reviews/Ratings

Overall 0.0 / 5
ease 0.0 / 5
features 0.0 / 5
design 0.0 / 5
support 0.0 / 5

This software hasn't been reviewed yet. Be the first to provide a review:

Review this Software

Reviews/Ratings

Overall 0.0 / 5
ease 0.0 / 5
features 0.0 / 5
design 0.0 / 5
support 0.0 / 5

This software hasn't been reviewed yet. Be the first to provide a review:

Review this Software

Training

Documentation
Webinars
Live Online
In Person

Training

Documentation
Webinars
Live Online
In Person

Company Information

Fuzzing Project
fuzzing-project.org

Company Information

Secure Mobile Networking Lab
github.com/seemoo-lab/toothpicker

Alternatives

Alternatives

LibFuzzer

LibFuzzer

LLVM Project
go-fuzz

go-fuzz

dvyukov
Atheris

Atheris

Google
ClusterFuzz

ClusterFuzz

Google
Jazzer

Jazzer

Code Intelligence
syzkaller

syzkaller

Google
Honggfuzz

Honggfuzz

Google

Categories

Categories

Integrations

C
C++
Python

Integrations

C
C++
Python
Claim Fuzzing Project and update features and information
Claim Fuzzing Project and update features and information
Claim ToothPicker and update features and information
Claim ToothPicker and update features and information