iExploder v1.5 - Web Browser Quality Assurance Tester

iExploder is like a fire hydrant full of bad HTML and CSS code to test the stability and security of web browsers. Available as a standalone webserver or CGI script, it continuously feeds browsers bad data in the hope that they will eventually crash. It is designed to run for hours, or even days until the browser crashes.

iExploder was initially written as a QA tool for the Mozilla Project to test the Firefox 1.0 release, and is now included and used by Apple’s Webkit project.

Version 1.5 (2010-03-14)

  • New subtest generation algorithm that doesn’t suck
  • Added the ability to exclude certain tag/property combinations in config.yaml
  • Added more tuning possibilities to config.yaml
  • Lots of bugfixes and new testcases
PNG - 173.4 kb

Features

  • Tests all HTML and CSS attributes that Mozilla, Webkit and other browsers support
  • Basic fuzzing for media formats (bmp gif ico jng jpg ogg png snd svg tiff wav xbm xpm)
  • Very basic DOM manipulation fuzzing via JS
  • HTTP header fuzzing
  • Logic, buffer overflow, and format string testing
  • An unlimited amount of repeatable tests
  • Sequential and random testcase testing, with the ability to resume (sequential only)
  • Tools to help isolate which test crashed the browser, as well as locate backtrace information

More information: here

Post scriptum

Compliance Mandates

  • Code Auditing :

    PCI/DSS 6.3.6, 6.3.7, 6.6, SOX A12.8, GLBA 16CFR Part 314.4(b) and (2);FISMA RA-5, SC-18, SA-11 SI-2, and ISO 27001/27002 (12.4.1, 12.4.3, 12.5)


Comments

Related Articles

Code Auditing
Framework
Fuzzers
iExploder