icon-carat-right menu search cmu-wordmark

CERT Triage Tools

Software
CERT Triage Tools consist of a triage script and a GNU Debugger (GDB) extension named 'exploitable' that classify Linux application defects by severity.
Publisher

Software Engineering Institute

Abstract

The CERT Triage Tools can be used to assist software vendors and analysts in identifying the impact of defects discovered through techniques such as fuzz testing and prioritizing their coordination in the software development process. The CERT Triage Tools include a GNU Debugger (GDB) extension called "exploitable" that classifies Linux application bugs by severity and a wrapper script for batch execution.

In 2009, Microsoft released a set of security extensions for the Windows debugger, including a command named !exploitable, that provides automated crash analysis and security risk assessment for software that runs on the Windows platform. Subsequently, Apple released a tool called CrashWrangler (Apple Developer Connection account required) to perform a similar analysis on crash logs for software that runs on the Mac OS X platform. In the course of our vulnerability discovery work in developing the CERT Basic Fuzzing Framework, we noted the lack of such a tool for software that runs on the Linux platform. The CERT Triage Tools were developed to serve purposes similar to Microsoft's !exploitable and Apple's CrashWrangler on the Linux platform.

As of May 2014, the CERT Triage Tools project has been transitioned to the GDB 'exploitable' plugin project on GitHub. The download link to the right is being preserved for those who want to download the version 1.04 tarball.

However, the most up-to-date version of the code can be found on GitHub. Bug reports and feature requests can be submitted here.

For more information about these tools, see the blog post CERT Linux Triage Tools 1.0 Released.

Requirements

  • Compatible 32-bit or 64-bit Linux
  • GDB 7.2 or later
  • Python 2.6 or later