Posted by kecoak on Nov 2, 2007 in Fuzzer, Tools Review
Michał Zalewski (lcamtuf) has developed a project called bunny, a tool for fuzzing C applications. As usual, lcamtuf has built something that is an innovation compared to similar tools: the bunny fuzzer takes a different approach to fuzzing C applications. From the project description:

"A closed loop, high-performance, general purpose protocol-blind fuzzer for C programs. Uses compiler-level integration to seamlessly inject precise and reliable instrumentation hooks into the traced program. These hooks enable the fuzzer to receive real-time feedback on changes to the function call path, call parameters, and return values in response to variations in input data. This architecture makes it possible to significantly improve the coverage of the testing process without a noticeable performance impact usually associated with other attempts to peek into run-time internals. Bunny is currently known to support Linux, FreeBSD, and Cygwin on IA32 systems."

Fuzzers in general require us to understand how an application works, so that we can supply a 'seed', the input data that will be used to test the application. If what we are doing is protocol fuzzing, we are expected to understand how that protocol works (yeah, RFC is ur friend then). Bunny is somewhat different in how it implements fuzzing; this is what the bunny fuzzer does:

1. Seed fuzzing queue with a known good input file.
2. Attempt several deterministic, sequential fuzzing strategies for subsequent regions in the input file, as well as for regions that are known to affect execution paths based on previously recorded data.
3. If any change resulted in a never previously observed execution path, store the input that triggered it and queue it for further testing.
4. If any change resulted in an interesting change in any function call parameter or return value within a known execution path (for example, we now have -3 where we had 7 previously), store and queue the input.
5. If program fault is sensed...
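The closed loop above, reduced to a runnable sketch (an added illustration, not bunny's code): the hook decorator stands in for bunny's compiler-injected instrumentation, the target is a constructed toy record parser, and the queue keeps and re-fuzzes any input that produces a never-seen call path or a sign change in a traced return value within a known path.

```python
TRACE = []  # (function name, return value) for each traced call in one run

def hook(fn):
    """Stand-in for bunny's compiler-injected hook: log the call and its return value."""
    def wrapper(*args):
        ret = fn(*args)
        TRACE.append((fn.__name__, ret))
        return ret
    return wrapper

# Constructed toy target (hypothetical "BN" record parser, not a real program).
@hook
def check_magic(data):
    return data[:2] == b"BN"

@hook
def read_len(data):
    return data[2] if len(data) > 2 else -1

@hook
def copy_body(data, n):
    return len(data[3:3 + n]) - n   # 0 if the body is complete, negative if truncated

def target(data):
    TRACE.clear()
    if not check_magic(data):
        return
    n = read_len(data)
    if n > 64:                      # length sanity check cuts the path short
        return
    copy_body(data, n)

def bucket(ret):
    """Coarsen a return value so that only sign changes (7 -> -3) count as interesting."""
    return -1 if ret < 0 else (1 if ret > 0 else 0)

def mutations(seed):
    """Deterministic, sequential strategies applied to each byte region of the input."""
    for i in range(len(seed)):
        for v in (0x00, 0xFF, seed[i] ^ 0x80, (seed[i] + 1) & 0xFF):
            m = bytearray(seed)
            m[i] = v
            yield bytes(m)

def fuzz(seed):
    """Closed loop: run, compare the trace with what was seen, keep and requeue novelties."""
    seen_paths, seen_vals, queue, corpus = set(), set(), [], []
    def observe(data):
        target(data)
        path = tuple(name for name, _ in TRACE)
        vals = tuple((name, bucket(r)) for name, r in TRACE)
        reason = "new-path" if path not in seen_paths else "new-value" if vals not in seen_vals else None
        if reason:
            seen_paths.add(path); seen_vals.add(vals)
            corpus.append((reason, data)); queue.append(data)
    observe(seed)                   # known-good input: baseline path and values
    while queue:
        for cand in mutations(queue.pop(0)):
            observe(cand)
    return corpus
```

Running `fuzz(b"BN\x01X")` finds the bad-magic path, the oversized-length path, and the zero-length and truncated-body value changes from a single seed, then stops once no mutation yields anything new.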