Since its inception 12 years ago, Peach Fuzzer has grown to become the most powerful, intelligent, customizable fuzz-testing platform on the market. And our all-star dev team is constantly making improvements to keep this world-class fuzzer at the top. Our latest feature improvement comes in the form of adjustable tuning weights that change how Peach Fuzzer approaches fuzzing sessions.
Once you set your Peach Pit and target, you can now modify each individual element field with a priority value from lowest to highest, or choose to exclude it completely from the fuzzing session. Such a fine degree of control over your fuzzing jobs offers unparalleled opportunities for discovering unknown vulnerabilities. We’ve thought of a few use cases as examples:
* You’re already aware of an abundance of bugs in one element of the code, and repeatedly fuzzing it is causing the same crashes. You can now choose to ignore (exclude) that section from the fuzz testing cases and keep fuzzing the rest of your code.
* You have a portion of code that’s not implemented yet. Exclude it first, then include it, and compare the results.
* You’ve already fuzzed the rest of your code, but you have a portion that’s new. Give it the highest priority!
* Your analyst knows there is a portion of code that’s been more unstable than the rest. Now they can adjust the mutation strategy of their fuzz testing sessions to target those areas.
* You can use the tuning weights to leverage known Common Vulnerabilities and Exposures (CVEs) to quickly target and discover the unknown flaws in your code.
The tuning and weighting of mutation strategies based on elements of code is just one of the many powerful and user-friendly features that empower our Peach Fuzzer Enterprise clients to discover unknown vulnerabilities. It’s one more reason why business leaders in fields ranging from national defense to industrial operations choose Peach.