BED (aka Bruteforce Exploit Detector) is a plain-text protocol fuzzer that checks software for common vulnerabilities like buffer overflows, format string bugs, integer overflows, etc.
The tool is a collection of scripts to automatically test implementations of different protocols for buffer overflows and for format string vulnerabilities. This is done by sending a many different combinations of the known to be problematic strings to a server.
It is a program which is designed to check daemons for potential buffer overflows, format string bugs etc.
The Bruteforce Exploit Detector (BED) does exactly what the name implies. The program will allow you to send data to the target application in hopes that a crash will occur.
Written in Perl by mjm and Eric Sesterhenn, the tool currently supports following protocols:
bed -s <plugin> -t <target> -p <port> -o <timeout> [ depends on the plugin ]
-s <plugin> = FTP/SMTP/POP/HTTP/IRC/IMAP/PJL/LPD/FINGER/SOCKS4/SOCKS5 -t <target> = Host to check (default: localhost) -p <port> = Port to connect to (default: standard port) -o <timeout> = seconds to wait after each test (default: 2 seconds) use "-s <plugin>" to obtain the parameters you need for the plugin. Only -s is a mandatory switch.
cyborg@cyborg:~$ bed -s HTTP -t ztrela.com -p 80 B E D 0.5 by mjm ( www.codito.de ) & eric ( www.snake-basket.de ) + Buffer overflow testing: testing: 1 HEAD XAXAX HTTP/1.0 ....