beSTORM is an automated tool, programmed to make an exhaustive search of all possible input combinations of a network protocol in order to test the protocol implementation for weaknesses. However, attempting to cover all theoretical input combinations to the program is not a trivial task and requires the ability to test for billions of combinations automatically.
beSTORM is equipped with prioritization algorithms to enable complete coverage of all inputs that are likely to 'trigger' a security hole, and within a reasonable time frame.
To do this, beSTORM converts the protocol specification into an automated set of tests and exercises the network protocol with a specific emphasis on technically legal but functionally erroneous and stressful cases. As an example, beSTORM automatically tries every protocol combination possible until a buffer overflow is triggered.
Another example - What if the application is expecting a file name and you send it characters that are not valid? What if you do illogical things with protocol sequence numbers? beSTORM is not limited to specific cases – it will eventually cover the entire protocol search space.