WINGFZZ FOR RROTOCOL

翼卫 WINGFUZZ 协议智能模糊测试系统
WINGFUZZ 协议智能模糊测试系统(WINGFUZZ for Protocol)是智能化的协议质量与安全监测工具,可以自动生成待测协议的测试报文,对工控协议、实时协议、区块链共识协议和通用网络协议等都能进行高效的漏洞挖掘,支持多类型的高危漏洞检测,并通过WINGFUZZ平台提供可视化功能,从底层提供协议安全保障。

WINGFUZZ 协议智能模糊测试系统完全自主可控,同时支持黑盒和灰盒的模糊测试工作模式,协议双端模糊测试、报文序列级别变异和报文格式级别的拆解、重组技术,跨状态覆盖和漏洞挖掘能力都处于国际领先的地位。系统已在IEC104、RTPS、SSL、FISCO-BCOS等协议上发现众多安全缺陷。

PERFORMANCE

领先的性能指标

WINGFUZZ协议测试核心性能指标领先于同类标杆工具。

针对RTPS、IEC61850、Libressl等工业界知名协议实现的评测对比中

40.17%

测试覆盖率相比于Peach等工具提升

针对IEC104、DDS、ICCP、SSL、TLS、FISCO-BCOS等知名协议的漏洞挖掘中

172.7%

缺陷检测数量相比于Peach等工具提升

MINING ABILITY

经验证的漏洞挖掘能力

协议名称 缺陷类型 详情
Fabric DoS CVE-2022-45196
FISCO-BCOS consensus fairness bug CVE-2022-28937
FISCO-BCOS consensus liveness bug CVE-2022-28936
FISCO-BCOS consensus liveness bug CVE-2022-26534
EOS buffer overflow CVE-2022-26300
HyperLedger Fabric logic weakness CVE-2022-26297
HyperLedger Fabric logic weakness CVE-2022-26295
FISCO-BCOS consensus liveness bug CVE-2021-46359
HyperLedger Fabric break down CVE-2021-43669
Go-Ethereum runtime error crash CVE-2021-43668
HyperLedger Fabric break down CVE-2021-43667
Go-Ethereum SIGBUS CVE-2021-42219
accel-ppp stack-buffer-overflow CVE-2021-42054
libressl stack-buffer-overflow CVE-2021-41581
accel-ppp stack-buffer-overflow CVE-2021-41581
FISCO-BCOS memory leak CVE-2021-40243
FISCO BCOS package decode failure CVE-2021-35041
rudp memory leak CVE-2020-20665
libiec_iccp_mod segmentation violation CVE-2020-20664
libiec_iccp_mod heap-buffer-overflow CVE-2020-20663
libiec_iccp_mod heap-buffer-overflow CVE-2020-20662
IEC104 heap-buffer-overflow CVE-2020-20490
IEC104 stack-buffer-overflow CVE-2020-20486
Cyclone DDS heap-buffer-overflow CVE-2020-18735
cyclone DDS stack-buffer-overflow CVE-2020-18734
IEC104 segmentation violation CVE-2020-18731
IEC104 segmentation violation CVE-2020-18730
libiec61850 heap-buffer-overflow CVE-2018-19185
libiec61850 NULL pointer dereference CVE-2018-19122
libiec61850 SEGV CVE-2018-19121
libiec61850 SEGV CVE-2018-19093
libiec61850 NULL pointer dereference CVE-2018-18937
libiec61850 heap-buffer-overflow CVE-2018-18834
FISCO-BCOS bad free CNVD-2021-80670
FISCO-BCOS en/decryption error CNVD-2021-70168
accel-ppp stack buffer overflow https://github.com/xebd/accel-ppp/issues/158
accel-ppp memory leak https://github.com/xebd/accel-ppp/issues/155
OpenDDS heap buffer overflow https://github.com/objectcomputing/OpenDDS/issues/1826
OpenDDS heap buffer overflow https://github.com/objectcomputing/OpenDDS/issues/1827
Fast-DDS stack buffer overflow https://github.com/eProsima/Fast-DDS/issues/1337
Fast-DDS stack buffer overflow https://github.com/eProsima/Fast-DDS/issues/1338
Go-Ethereum Data Race https://github.com/ethereum/go-ethereum/issues/23965
DIEM Unexpected Panic https://github.com/diem/diem/issues/9753
Fabric Unexpected Panic https://jira.hyperledger.org/browse/FAB-18528
Fabric Unexpected Panic https://jira.hyperledger.org/browse/FAB-18529

EXPERIENCE WINGFUZZ

诚邀体验
下一代软件安全技术
联系我们