Path based Dynamic Analysis (Works for 32-bit programs only)
- bzip2
- autoconf
- make
- gcc
- python
- gawk
- 32 bit libraries for ubuntu (sudo apt-get install ia32-libs)
- 32 bit c library for building c programs for testing with pathgrind (sudo apt-get install libc6-dev-i386)
On ubuntu you can install the dependencies using apt-get, e.g. sudo apt-get install autoconf
$ ./install.sh
Configuration file: fuzz/settings.cfg
CLI: $ ./fuzz/fuzz.py
GUI: $ ./fuzz/gui.py
$ ./fuzz/fuzz.py test6
New input are created in testcase/input/
Crash files are be saved in testcase/crash/
You can also read a fairly detailed tutorial on Pathgrind at the SRC:CLR blog
Exploiting Undefined Behaviors for Efficient Symbolic Execution, ICSE 2014
[An Empirical Study of Path Feasibility Queries] (http://arxiv.org/abs/1302.4798), CoRR 2013
[A Critical Review of Dynamic Taint Analysis and Forward Symbolic Execution] (http://asankhaya.github.io/pdf/ACriticalReviewofDynamicTaintAnalysisandForwardSymbolicExecution.pdf), Technical Report NUS 2012