Fuzzyoumang
The Mozilla Foundation plans to give away its own security tools, including a fuzzer:
Mozilla Corp. will release some of its homegrown security tools to the open-source community, the company’s head of security said Wednesday, starting with a “fuzzer” it uses to pin down JavaScript bugs in Firefox.
The JavaScript fuzzer, said Window Snyder, Mozilla’s security chief since last September, will be handed over tomorrow morning, following a presentation at Black Hat, the two-day security conference that opened today in Las Vegas.
“We’re announcing that we’ll be sharing our tools with the community,” said Snyder, “and releasing the JavaScript fuzzer then.” Other tools, she said, would follow, including fuzzers that stress-test the HTTP and FTP protocols. Those two, however, are not ready to offer up to outsiders, largely because Mozilla wants to wrap up talks with other browser vendors before they do.
So if you haven’t been fuzzing your applications, you’re running out of excuses.