Proprietary protocols are commonly used in industrial environments and are hard to fuzz. Often, one product like a railway control centre communicates over more than 10 proprietary protocols. Usually, external attackers do not have the specifications of the protocols to write suitable fuzzers. The same applies to internal penetration testers. Even with the specifications, time and budget is not sufficient to implement an effective fuzzer. Commercial fuzzers are also out of the race for the same reasons. With inline fuzzing, even those protocols can be tested.
