Named after the big, fuzzy, blue monster in the movie Monsters, Inc., Sulley is a potent Python-based fuzzing framework developed by Pedram Amini and Aaron Portnoy of TippingPoint. Sulley is more than just a fuzzer; it comes packed with packet-capturing capabilities, extensive crash reporting, and VMWare automation. It also is able to restart the target application after a crash has occurred so that the fuzzing session can carry on hunting for bugs. In short, Sulley is badass.

For data generation, Sulley uses block-based fuzzing, the same method as Dave Aitel's SPIKE,^[39] the first public fuzzer to use this approach. In block-based fuzzing you describe the general skeleton of the protocol or file format you are fuzzing, assigning ...