Google has released their fuzzing-type web application security testing tool by an announcement at Google Online Security Blog: http://googleonlinesecurity.blogspot.com/2007/09/information-flow-tracing-and-software.html
This is what the project page itself says about the tool: "Flayer is a Valgrind tool which provides bit-precise dynamic taint analysis of input to a target application. In addition, it allows this flow to be altered irrespective of content through the modification of conditional jump (if clauses) and function call behavior."
The tool is released under GNU General Public License v2.
BTW: the fuzzing means the following: the tool automatically send different input to the application to find overflow type vulnerabilities etc.
Link: http://code.google.com/p/flayer/ |