Vulnerability Analyzing and Testing (with C)

I need someone who can work with following tools and can create the following solutions:

As a working place I will hand you the virtual machine where all the programs to be tested are

Tools you have to work with:

Adress Sanitizer

LLVM Clang Analyzer

GCC 10 Static Analyzer

Facebook Infer

KLEE symbolic execution engine

honggfuzz (fuzzer)

Programs to be tested:

and a simple program in C

One Real-World Library

Solution I expect:

1. Which tools did you use and which type of analysis did you do (for example static, dynamic, fuzzing etc)

2. Which vulnerabilities and bug did y ou find in the programs? Where in the code are the bugs? How do you trigger them?

3. How many false alarms (or false positives) are triggered by the tools? Is ever bug you found a real vulnerability? How many of them are just general problems of the code quality?

4. Which tools can find which vulnerability (create a table for that) Why are some tools good to find some vulnerability and some are not?

5. Step by step notes what you changed in the code and what you changed in the makefiles and what you wrote in the command line

For more details, contact me in private

Skills: Computer Security, C Programming, Linux

See more: securityfocus vulnerability assessment testing, vulnerability scan testing, testing c# moq nunit, vulnerability testing tools, vulnerability testing software, vulnerability assessment methodology, vulnerability scanning, vulnerabilities in c, which testing is best used with vulnerability assessments, what is vulnerability testing, types of vulnerability assessment, testing c#, testing c, Automation testing c#, manual testing C, drupal ,software testing , c programming, unit testing c# visual studio 2017, c++ private tutor, unit testing c#, unit testing c# example

About the Employer:
( 0 reviews ) Plettenberg, Germany

Project ID: #26843153

4 freelancers are bidding on average €19 for this job


I've experienced such tools during my professional development work. price is still negotiable. Time also depends upon the number of errors given by tools. Relevant Skills and Experience I've experiences on static cod More

€23 EUR in 3 days
(0 Reviews)

I have done more practice on C.I used Visual Studio software for practicing.I practised more on c so this oppertunity helps me for my practical [login to view URL] you.

€12 EUR in 5 days
(0 Reviews)

Hi Have experience in Network Security, C programming language, GDB, Valgrind. Research and a can do attitude.

€19 EUR in 20 days
(0 Reviews)
€23 EUR in 1 day
(0 Reviews)