ToothPicker Reviews

ToothPicker Description

ToothPicker, a coverage-guided in-process fuzzer is available for iOS. It was developed specifically to target iOS's Bluetooth Daemon and analyze various Bluetooth Protocols on iOS. It can be adapted for any platform that uses FRIDA as it was built using FRIDA. This repository includes an over the air fuzzer that uses InternalBlue to fuzz Apple’s MagicPairing Protocol. It also contains the ReplayCrashFile, a script that can verify crashes found by the in-process fuzzer. This is a simple fuzzer which only flips bits of bytes from inactive connections. No injection or coverage, but a nice demo. No modules or installation required. ToothPicker was built on frizzer's codebase. It is recommended that you set up a Python virtual environment for frizzer. PAC was introduced with the iPhone XR/Xs.

Pricing

Pricing Starts At:

Free

Free Version:

Yes

Integrations

View Integrations

Reviews

Total

ease

features

design

support

No User Reviews. Be the first to provide a review:

Write a Review

Company Details

Company:

Secure Mobile Networking Lab

Website:

github.com/seemoo-lab/toothpicker

Media

Product Details

Platforms

Mac

iPhone

iPad

Type of Training

Documentation

Customer Support

Online

ToothPicker Features and Options

Fuzz Testing Tool

Compare ToothPicker Against Alternatives

vs.

Atheris

Atheris is an engine for Python fuzzing that uses coverage-guided fuzzing. It supports fuzzing Python code as well as native extensions written in CPython. Atheris is based off libFuzzer. Atheris is a tool that can be used for fuzzing native code to find additional bugs. Atheris supports Linux...

Compare
vs.

LibFuzzer

LibFuzzer, a coverage-guided evolutionary fuzzing tool, is a fuzzing engine that works in the background. LibFuzzer links with the library being tested and feeds fuzzed data to the library through a specific fuzzing target function. The fuzzer tracks the code coverage and generates mutations...

Compare
vs.

syzkaller

Syzkaller is a kernel fuzzer that uses coverage to guide the fuzzing process. Supports FreeBSD Fuchsia gVisor Linux, NetBSD OpenBSD and Windows. Initially, syzkaller focused on Linux kernel fuzzing, but it is now being extended to other OS kernels. When syzkaller detects a crash in a VM, it will...

Compare
vs.

Jazzer

Jazzer is an in-process, coverage-guided fuzzer developed by Code Intelligence for the JVM platform. It is based on libFuzzer and brings many of its instrumentation-powered mutation features to the JVM. Docker can be used to test Jazzer's autofuzz, which generates arguments for a Java function...

Compare
vs.

Defensics

Defensics, a versatile, automated blackbox fuzzer, allows organizations to quickly and effectively identify and fix security flaws in software. Identify flaws and zero-day vulnerabilities in protocols and services. The generational fuzzer uses an intelligent, targeted approach for negative...

Compare
vs.

Honggfuzz

Honggfuzz, a software fuzzer focusing on security, is available. Supports evolutionary feedback-driven fuzzing (SW and Hardware-based) based on code cover. Honggfuzz is multi-processed and multi-threaded. You don't need to run multiple instances of your fuzzer as it can unlock all of your CPU...

Compare
vs.

Awesome Fuzzing

Awesome Fuzzing contains a list of fuzzing materials, including books, free and paid courses, videos, tutorials, vulnerable applications, and tools to help you learn fuzzing, as well as the initial phases of exploit creation, such root cause analysis. Videos on fuzzing courses/training, videos...

Compare
vs.

american fuzzy lop

American fuzzy lop, a security-oriented fuzzer, uses a novel form of compile-time tooling and genetic algorithms to discover clean test cases that trigger internal states within the binary. This improves the functional coverage of the fuzzed codes. The compact corpora generated by the tool can...

Compare

Similar Software

Atheris

Atheris is an engine for Python fuzzing that uses coverage-guided fuzzing. It supports fuzzing Python code as well as native extensions written in CPython. Atheris is based off libFuzzer. Atheris is a tool that can be used for fuzzing native code to find additional bugs. Atheris supports Linux...

View Software
LibFuzzer

LibFuzzer, a coverage-guided evolutionary fuzzing tool, is a fuzzing engine that works in the background. LibFuzzer links with the library being tested and feeds fuzzed data to the library through a specific fuzzing target function. The fuzzer tracks the code coverage and generates mutations...

View Software
syzkaller

Syzkaller is a kernel fuzzer that uses coverage to guide the fuzzing process. Supports FreeBSD Fuchsia gVisor Linux, NetBSD OpenBSD and Windows. Initially, syzkaller focused on Linux kernel fuzzing, but it is now being extended to other OS kernels. When syzkaller detects a crash in a VM, it will...

View Software
Jazzer

Jazzer is an in-process, coverage-guided fuzzer developed by Code Intelligence for the JVM platform. It is based on libFuzzer and brings many of its instrumentation-powered mutation features to the JVM. Docker can be used to test Jazzer's autofuzz, which generates arguments for a Java function...

View Software