Tmin is an optimization tool for fuzzing test cases. The software helps to optimize and refine testing processes to efficiently identify and address issues.
The utility expects a file named testcase.in to be present in the current directory, and will write a minimal testcase to testcase.small. To optimize a test case for a target application, simply run './tmin /path/to/program'. During this process, Tmin runs /path/to/program, feeds a modified test case to the program's input, and examines the exit status. If the program exits on a signal such as SIGSEGV, the test case is still working. However, if it executes cleanly, the test case has failed.
Users can also employ the -x command-line switch to treat non-zero return codes as fault conditions, and the -w file to save data to a specified location for the tested application to read from. For remote testing, the -s command-line switch is available. In this mode, the utility waits for SIGUSR1 (clean execution) and SIGUSR2 (fault condition) signals sent to the Tmin process. Users can run an easy wrapper for interaction with network services using nc, while /bin/true serves as a "decoy" target program when writing to local files.
When running in -s mode, the testing harness must prompt the tested application to read Tmin output, analyze the outcome, and then send an appropriate signal to the utility. An example of how to do this is provided in the tmin/web-example subdirectory.
To showcase the functionality of Tmin, an example is given involving a lengthy and annoying hello world test case, and a bash script that looks for 'el..*wo'. Running Tmin on this script leads to the elimination of 90.57% of the original size, replacing one character.
Overall, Tmin is a practical tool that streamlines the fuzzing test case optimization process for automated security testing. Its multiple modes and functions make it easy to use, and its integration capabilities with UI testing harnesses make it highly versatile.
Version 0.03: N/A