WINGFZZ FOR RROTOCOL

翼卫 WINGFUZZ 协议智能模糊测试系统
WINGFUZZ 协议智能模糊测试系统(WINGFUZZ for Protocol)是智能化的协议质量与安全监测工具,可以自动生成待测协议的测试报文,对工控协议、实时协议、区块链共识协议和通用网络协议等都能进行高效的漏洞挖掘,支持多类型的高危漏洞检测,并通过WINGFUZZ平台提供可视化功能,从底层提供协议安全保障。

WINGFUZZ 协议智能模糊测试系统完全自主可控,同时支持黑盒和灰盒的模糊测试工作模式,协议双端模糊测试、报文序列级别变异和报文格式级别的拆解、重组技术,跨状态覆盖和漏洞挖掘能力都处于国际领先的地位。系统已在IEC104、RTPS、SSL、FISCO-BCOS等协议上发现众多安全缺陷。

PERFORMANCE

领先的性能指标

WINGFUZZ协议测试核心性能指标领先于同类标杆工具。

针对RTPS、IEC61850、Libressl等工业界知名协议实现的评测对比中

40.17%

测试覆盖率相比于Peach等工具提升

针对IEC104、DDS、ICCP、SSL、TLS、FISCO-BCOS等知名协议的漏洞挖掘中

172.7%

缺陷检测数量相比于Peach等工具提升

MINING ABILITY

经验证的漏洞挖掘能力

协议名称 缺陷类型 详情
Cyclone DDS stack buffer overflow CVE-2020-18734
Cyclone DDS heap buffer overflow CVE-2020-18735
libiec_iccp_mod heap buffer overflow CVE-2020-20662
libiec_iccp_mod heap buffer overflow CVE-2020-20663
libiec_iccp_mod segmentation violation CVE-2020-20664
IEC104 segmentation violation CVE-2020-18730
IEC104 segmentation violation CVE-2020-18731
IEC104 stack buffer overflow CVE-2020-20486
IEC104 heap buffer overflow CVE-2020-20490
libiec61850 heap buffer overflow CVE-2018-19185
libiec61850 SEGV CVE-2018-19121
libiec61850 SEGV CVE-2018-19093
libiec61850 Null pointer dereference CVE-2018-19122
libiec61850 Null pointer dereference CVE-2018-18937
libiec61850 heap buffer overflow CVE-2018-18834
GnuTLS Null pointer dereference CVE-2021-4209
Libressl stack buffer overflow CVE-2021-41581
Rudp memory leak CVE-2020-20665
accel-ppp stack buffer overflow CVE-2021-42054
FISCO-BCOS Package Decode Fail CVE-2021-35401
FISCO-BCOS denial of service CVE-2021-46359
HyperLedger Fabric break down CVE-2021-43669
Go-Ethereum runtime error crash CVE-2021-43668
HyperLedger Fabric break down CVE-2021-43667
FISCO-BCOS Bad Free CNVD-2021-80670
FISCO-BCOS En/Decryption Error CNVD-2021-70168
accel-ppp stack buffer overflow https://github.com/xebd/accel-ppp/issues/158
accel-ppp memory leak https://github.com/xebd/accel-ppp/issues/155
OpenDDS heap buffer overflow https://github.com/objectcomputing/OpenDDS/issues/1826
OpenDDS heap buffer overflow https://github.com/objectcomputing/OpenDDS/issues/1827
Fast-DDS stack buffer overflow https://github.com/eProsima/Fast-DDS/issues/1337
Fast-DDS stack buffer overflow https://github.com/eProsima/Fast-DDS/issues/1338
Go-Ethereum Data Race https://github.com/ethereum/go-ethereum/issues/23965
DIEM Unexpected Panic https://github.com/diem/diem/issues/9753
Fabric Unexpected Panic https://jira.hyperledger.org/browse/FAB-18528
Fabric Unexpected Panic https://jira.hyperledger.org/browse/FAB-18529

EXPERIENCE WINGFUZZ

诚邀体验
下一代软件安全技术
联系我们