ToothPicker Description

ToothPicker, a coverage-guided in-process fuzzer is available for iOS. It was developed specifically to target iOS's Bluetooth Daemon and analyze various Bluetooth Protocols on iOS. It can be adapted for any platform that uses FRIDA as it was built using FRIDA. This repository includes an over the air fuzzer that uses InternalBlue to fuzz Apple’s MagicPairing Protocol. It also contains the ReplayCrashFile, a script that can verify crashes found by the in-process fuzzer. This is a simple fuzzer which only flips bits of bytes from inactive connections. No injection or coverage, but a nice demo. No modules or installation required. ToothPicker was built on frizzer's codebase. It is recommended that you set up a Python virtual environment for frizzer. PAC was introduced with the iPhone XR/Xs.

ToothPicker Alternatives
Jazzer Reviews
Jazzer
Jazzer is an in-process, coverage-guided fuzzer developed by Code Intelligence for the JVM platform. It is based on libFuzzer and brings many of its instrumentation-powered mutation features to the JVM. Docker can be used to test Jazzer's autofuzz, which generates arguments for a Java function and reports unexpected errors and detected security issues. You can also run a standalone Jazzer binaries that starts its JVM configured for fuzzling using GitHub release archives.
Learn more
Boofuzz Reviews
Boofuzz
Boofuzz forks and succeeds the venerable Sulley fuzzing framework. Boofuzz is a fork of the venerable Sulley fuzzing framework. It aims to be extensible, in addition to numerous bug fixes. Boofuzz, like Sulley, incorporates all of the critical elements that make up a fuzzer, such as easy and quick data creation, instrumentation and detection of failures, target reset after failure and recording of test results. Installation is much easier and supports arbitrary communication mediums. Support for serial fuzzing and UDP broadcast. Consistent, thorough and clear recording of test data. Test result CSV export and extensible instrumentation/failure detection. Boofuzz is installed as a Python Library used to create fuzzer scripts. It is highly recommended that Boofuzz be installed in a virtual environment.
Learn more
Atheris Reviews
Atheris
Atheris is an engine for Python fuzzing that uses coverage-guided fuzzing. It supports fuzzing Python code as well as native extensions written in CPython. Atheris is based off libFuzzer. Atheris is a tool that can be used for fuzzing native code to find additional bugs. Atheris supports Linux 32- and 64-bit and Mac OS X with Python versions 3.6-3.10. It comes with an integrated libFuzzer that is suitable for fuzzing Python code. If you want to fuzz native extensions you may have to build Atheris from source in order to match the libFuzzer versions. Atheris relies upon libFuzzer which is distributed along with Clang. Apple Clang does not come with libFuzzer. You'll have to install a different version of LLVM. Atheris is based upon a coverage-guided, mutation-based fuzzer called LibFuzzer. This has the benefit of not requiring a grammar definition to generate inputs. It makes its setup easier. The disadvantage is that the fuzzer will have a harder time generating inputs for complex data types.
Learn more
syzkaller Reviews
syzkaller
Syzkaller is a kernel fuzzer that uses coverage to guide the fuzzing process. Supports FreeBSD Fuchsia gVisor Linux, NetBSD OpenBSD and Windows. Initially, syzkaller focused on Linux kernel fuzzing, but it is now being extended to other OS kernels. When syzkaller detects a crash in a VM, it will start the process to reproduce the crash. It will, by default, use 4 VMs in order to reproduce the crash. Then it will minimize the program which caused the crash. This could stop the fuzzing as all the VMs may be busy reproducing crashes. The time it takes to reproduce a crash can vary from a few seconds up to an entire hour, depending on how easily reproducible the crash is or if it cannot be reproduced at all.
Learn more

Pricing

Pricing Starts At:
Free
Free Version:
Yes

Integrations

View Integrations

Reviews

Total
ease
features
design
support

No User Reviews. Be the first to provide a review:

Write a Review

Company Details

Company:
Secure Mobile Networking Lab
Website:
github.com/seemoo-lab/toothpicker

Media

ToothPicker Screenshot 1
ToothPicker Screenshot 1 ToothPicker Screenshot 2
Recommended Products
Our Free Plans just got better! | Auth0 by Okta Icon
Our Free Plans just got better! | Auth0 by Okta

With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your secuirty. Auth0 now, thank yourself later.
Try free now

Product Details

Platforms
Mac
iPhone
iPad
Type of Training
Documentation
Customer Support
Online

ToothPicker Features and Options

ToothPicker User Reviews

Write a Review
  • Previous
  • Next