[tor-dev] fuzzer for tor as a masters project

Pietro Bempos pietrov at gmail.com
Tue Jan 7 16:33:37 UTC 2014


Hello,

I was browsing the tor site in order to find an idea for my masters project
in security and I came across the following:

----------------------------------------------------------------------

In your project ideas page
https://www.torproject.org/getinvolved/volunteer.html.en#torCleanup

You have the following :

Write a fuzzer
for Tor to discover security vulnerabilities. Determine if there are good
fuzzing frameworks out there for what we want. Win fame by getting credit
when we put out a new release because of you!

------------------------------------------------------------------------------------

I have no experience in fuzzers but I think it would be a very nice topic
to learn and on the same time contribute.

I see that it is possible to create a private tor network for testing


https://www.torproject.org/docs/faq#PrivateTorNetwork



And maybe use the command line options to have as one point of input

https://www.torproject.org/docs/tor-manual.html.en


Bassically I send this email for 2 reasons:

1) To see if there are ways that you guys can help me with this on the
future

and

2) To give me any starting tips mostly related to what type of data that
would be good for testing, any other input places from where data can be
fed and generally any kind of usefull info related to this.

Thanks a lot and have a nice day

Pietro.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20140107/38bf8afd/attachment.html>


More information about the tor-dev mailing list