search menu icon-carat-right cmu-wordmark

CERT Dranzer

June 2015 Software

Dranzer is a tool that enables users to examine effective techniques for fuzz testing ActiveX controls.

Publisher:

GitHub

Abstract

Attackers frequently take advantage of vulnerabilities in ActiveX controls to compromise systems using Microsoft Internet Explorer. A programming or design flaw in an ActiveX control can allow an attacker to execute arbitrary code by convincing a user to view a specially crafted web page. Since 2000, these types of ActiveX vulnerabilities have significantly increased. With Dranzer, developers can examine effective techniques for fuzz testing ActiveX controls. Dranzer helps ActiveX developers test the controls in their development processes and invite community participation in making Dranzer a more effective tool.