This is a friendly warning that your web-browser does not currently protecting your privacy and/or security as well as you might want. Click on this message to see more information about the issue(s) that were detected. December 19th, 2018 Reg­Exp­Fuzzer2 for sale

Reg­Exp­Fuzzer2 for sale

I am selling the source code for one of my private Regular Expression fuzzers. This simple fuzzer is implemented in Python and can be used to generated random valid(-ish) Java­Script and Perl regular expression strings. I've also included Python scripts that use it to generate tests for fuzzing the regular expression engines in Perl, Python, JScript and VBScript.

The core fuzzer code is pretty basic and contained in a single 10kb source file. It should serve you well if you want to get started with fuzzing by looking at some example code and/or modify it to suit your specific needs.

Where to get

You can buy a license for the non-exclusive use of this fuzzer for as little as 100€ at https://license.skylined.nl/. Simply create an account on the site, select the Reg­Exp­Fuzzer2 license, and pay on-line with a creditcard or request an invoice to pay through direct bank transfer.

Once you have paid for the license, you can download the source in a .zip file from a link in the license details. this download contains the main Python class and the four Python scripts described below.

Please read the full license before downloading the fuzzer source.

The fuzzer

c­Reg­Exp­Fuzzer2 is the main Python class; instances of this class can be used to generate regular expression strings like so:

  o­Reg­Exp­Fuzzer2 = c­Reg­Exp­Fuzzer2("ECMAScript"); # Or "Perl"
  s­Pattern = o­Reg­Exp­Fuzzer2.fs­Generate­Pattern();
  print repr(s­Pattern);
  s­Flags = o­Reg­Exp­Fuzzer2.fs­Generate­Flags();
  print repr(s­Flags);

The above code will output a randomly generated regular expression that adheres (almost) to Java­Script syntax followed by a string of characters that indicate randomly selected flags for the engine, such as g for global search and i for case insensitive.

How to use

I've added four Python scripts that serve as examples of how to use this fuzzer to test the regular expression engines of various scripting engines. When run, these scripts generate test code and write it to a script file. This script file can then be run in the target scripting engine to test the regular expression engine. For instance, to test the Python regular expression engine, you can run the following two commands:

  python Generate­Python­Test­Code.py
  python repro.py

The first command will generate a file repro.py that contains a number of tests. The second command will execute these tests.

To test Perl, execute the following two commands:

  python Generate­Perl­Test­Code.py
  perl repro.pl

Similarly, you can test JScript and VBScript with the following commands:

  python Generate­JScript­Test­Code.py
  cscript /nologo repro.js
  python Generate­VBScript­Test­Code.py
  cscript /nologo repro.vbs

Obviously, you can run these scripting engines under Bug­Id to detect any crashes found while running the test.

Sample fuzzed data

To show what kind of output you can expect from this fuzzer, I've generated test code for four scripting engines, which you can download here.

If you have any further questions, please send an email to license@skylined.nl.

© Copyright 2024 by Sky­Lined. Last updated on March 23rd, 2024. Creative Commons License This work is licensed under a Creative Commons Attribution-Non‑Commercial 4.0 International License. If you find this web-site useful and would like to make a donation, you can send bitcoin to 183yyxa9s1s1f7JBp­PHPmz­Q346y91Rx5DX.