the original cloud security
Showing 1 - 25 of 146 RSS Feed

Fuzzer Files

Ansvif 1.7
Posted Apr 13, 2017
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release marks easier compiling on most modern operating systems including Windows 7, Windows 10, Linux (Redhat and Debian based distros), and OpenBSD. It may compile/work on other operating systems but has not been tested. This is mostly a source code release with lots of code cleanup, and no new features.
tags | tool, fuzzer
systems | unix
MD5 | 477bcf4f4f8b5e2294e46d20f0d9f8d1
Ansvif 1.6.2
Posted Feb 25, 2017
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release has lots of code cleanup, bug fixes, and includes a -y or -b 0 option for zero buffer size (useful with -A and -B when in use with other fuzzers), and a -K option to keep going after a crash (usually only useful when logging).
tags | tool, fuzzer
systems | unix
MD5 | cfa6a5023498f09090cfd480c310b8cd
Mobile Security Framework MobSF 0.9.3 Beta
Posted Nov 23, 2016
Authored by Ajin Abraham | Site github.com

Mobile Security Framework (MobSF) is an all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static and dynamic analysis. It can be used for effective and fast security analysis of Android and iOS Applications and supports both binaries (APK & IPA) and zipped source code. MobSF can also do Web API Security testing with it's API Fuzzer that performs Information Gathering, analyze Security Headers, identify Mobile API specific vulnerabilities like XXE, SSRF, Path Traversal, IDOR, and other logical issues related to Session Management and API Rate Limiting.

Changes: Clipboard Monitor for Android Dynamic Analysis. Windows APPX Static Analysis Support. Added Docker File. Added Support for Kali Linux. Various other additions and improvements.
tags | tool, web, vulnerability, fuzzer
systems | cisco, ios
MD5 | 0c1d2d101da02097ba466840e0148138
Ansvif 1.6.1
Posted Nov 21, 2016
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes a -M option for maximum arguments in the fuzz, as well as algorithmic control of ansvif fuzz testing (so that if it has already tried a particular fuzz it will not try it again, this speeds things up quite a bit).
tags | tool, fuzzer
systems | unix
MD5 | a1a9d5a417b5bbb3a4def98bfad33802
Ansvif 1.6
Posted Oct 2, 2016
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes lots of bug fixes, and better Windows compatibility. Now there is no need for the extra .dll files in the Windows version.
tags | tool, fuzzer
systems | unix
MD5 | 78574201a60bed0e73d23ea05e7aa536
Ansvif 1.5.2
Posted Jun 21, 2016
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes a bunch of bug fixes, and manual pages. No changes to the Windows code.
tags | tool, fuzzer
systems | unix
MD5 | e15781fd3ff2b6b54ffcf1146ecd200f
Ansvif 1.5.1
Posted Jun 2, 2016
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes drafted manpages for ansvif and find_suid, plus binaries rebuilt on Debian Jessie for i386 and amd64. No changes to the Windows release were made.
tags | tool, fuzzer
systems | unix
MD5 | 9d8599991090441a912825ec5a91e7c0
Ansvif 1.5
Posted May 19, 2016
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes new ways to crash programs using things like 1, -1, 0, x00 (null), etc. Also included are some minor bug fixes. It also includes binaries for most supported operating systems, Debian/Ubuntu 32 and 64 bit, Windows 10 32 and 64 bit.
tags | tool, fuzzer
systems | unix
MD5 | 07c83eab59174ada29de7b82d096a64f
Mobile Security Framework MobSF 0.9.2 Beta
Posted May 3, 2016
Authored by Ajin Abraham | Site github.com

Mobile Security Framework (MobSF) is an all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static and dynamic analysis. It can be used for effective and fast security analysis of Android and iOS Applications and supports both binaries (APK & IPA) and zipped source code. MobSF can also do Web API Security testing with it's API Fuzzer that performs Information Gathering, analyze Security Headers, identify Mobile API specific vulnerabilities like XXE, SSRF, Path Traversal, IDOR, and other logical issues related to Session Management and API Rate Limiting.

Changes: Drag and Drop support, allows upto 8 files in Web GUI. Added Google Enjarify. Added procyon decompiler. Various other additions and improvements.
tags | tool, web, vulnerability, fuzzer
systems | cisco, ios
MD5 | f3df40afd37a25833c3786065c2145fd
Ansvif 1.4.2
Posted May 2, 2016
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes bug fixes, more crash code detection for Windows, and better overall crash recognition.
tags | tool, fuzzer
systems | unix
MD5 | f1424cb108c0d4a01cd5f49c2993b8af
Ansvif 1.4.1
Posted Apr 26, 2016
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes XML output support, the crash detection under Windows has been fixed, and is tested and working in Ubuntu, Windows, and OpenBSD.
tags | tool, fuzzer
systems | unix
MD5 | c77ebf6b44d2c7d120de72faa2765817
Ansvif 1.4
Posted Apr 18, 2016
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: Various updates.
tags | tool, fuzzer
systems | unix
MD5 | bd1ec5f8001ded882c1ee5421e5cce84
Ansvif 1.3.4
Posted Apr 2, 2016
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes % hex notation for fuzzing things like browsers that accept %41 (A), etc.
tags | tool, fuzzer
systems | unix
MD5 | e807932ecec741401b428e495b254044
Mobile Security Framework MobSF 0.9.1
Posted Mar 16, 2016
Authored by Ajin Abraham | Site github.com

Mobile Security Framework (MobSF) is an all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static and dynamic analysis. It can be used for effective and fast security analysis of Android and iOS Applications and supports both binaries (APK and IPA) and zipped source code. MobSF can also do Web API Security testing with it's API Fuzzer that performs Information Gathering, analyze Security Headers, identify Mobile API specific vulnerabilities like XXE, SSRF, Path Traversal, IDOR, and other logical issues related to Session Management and API Rate Limiting.

Changes: Improved and responsive UI. Dynamic SSL testing. Various other updates and improvements.
tags | tool, web, vulnerability, fuzzer
systems | cisco, ios
MD5 | a8ac951b0e02bb3cc5dd36141d17023c
ShakeIt Grammar Mutation Engine Fuzzer
Posted Nov 30, 2015
Authored by Jeremy Brown

ShakeIt is a grammar mutation engine targeting browsers and PDF readers. For a given input, such as a web page or PDF file, and an output location, it will generate N mutated test cases. It was implemented in C#, but can be ported to other languages and is meant to fit within an existing fuzzing framework.

tags | tool, web, fuzzer
MD5 | 54c861884798451395aeaab5988a76c7
PKZip Fuzzing Tool
Posted Nov 14, 2015
Authored by Andrea Sindoni

This is a python script that can be used to fuzz PKZip files.

tags | python, fuzzer
MD5 | b8ac6b2f63831925b17bb3c3bf59dfbd
Mozilla Firefox Secret Leak
Posted Sep 3, 2014
Authored by Michal Zalewski

The recent release of Firefox 32 fixes another interesting image parsing issue found by afl. Following a refactoring of memory management code, the past few versions of the browser ended up using uninitialized memory for certain types of truncated images, which is easily measurable with a simple <canvas> + toDataURL() harness that examines all the fuzzer-generated test cases. Depending on a variety of factors, problems like that may leak secrets across web origins, or more prosaically, may help attackers bypass security measures such as ASLR. This code is a proof of concept for versions prior to 32.

tags | exploit, web, proof of concept, fuzzer
advisories | CVE-2014-1564
MD5 | 2235bb65ae6abe2af194f34a079a0f08
Melkor ELF Fuzzer 1.0
Posted Aug 19, 2014
Authored by nitr0us

Melkor is an ELF fuzzer that mutates the existing data in an ELF sample given to create orcs (malformed ELFs), however, it does not change values randomly (dumb fuzzing), instead, it fuzzes certain metadata with semi-valid values through the use of fuzzing rules (knowledge base). Written in C, Melkor is a very intuitive and easy-to-use fuzzer to find functional (and security) bugs in ELF parsers.

tags | tool, fuzzer
systems | unix
MD5 | 65127ef2da9f89642714886ce78c6f8c
ImmuniWeb Self Fuzzer Firefox Extension
Posted Sep 13, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

This whitepaper discusses the ImmuniWeb Self-Fuzzer Firefox Extension. It is designed to detect cross site scripting and SQL injection vulnerabilities in web applications.

tags | paper, web, vulnerability, xss, sql injection, fuzzer
MD5 | c76ef34a172685ad02855df643f9620a
xml2 Fuzzer 1.0
Posted Aug 26, 2013
Authored by x90c

xml2 Fuzzer is a fuzzing utility that daemonizes in order to fuzz the client side of a web browser.

tags | web, fuzzer
MD5 | 1ca43872c1fd3985bebc49cea04c3ac4
Dissecting Blackberry 10 - An Initial Analysis
Posted May 23, 2013
Authored by A. Antukh | Site sec-consult.com

This is a whitepaper titled "Dissecting Blackberry 10 - An Initial Analysis" and discusses the specifics of the Blackberry 10 operating system, fuzzers, dumping the boot sector and other topics.

tags | paper, fuzzer
MD5 | c1d4f6873f14c3cf6a8984889a26313d
Fuzzing: An Introduction To Sully Framework
Posted May 23, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

This paper is an introduction to the world of fuzzing by exploring the Sulley Fuzzing Framework.

tags | paper, fuzzer
MD5 | a2da69544935d46674e792fbedfe927f
In Memory Fuzzing In Java
Posted Dec 22, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

Nowadays, a wide range of techniques can be used to find vulnerabilities and bugs in binaries applications. The aim of this paper is to introduce the main concepts of In-Memory Fuzzing, to summarize its advantages and drawbacks and to present the debugging library which is currently developed by High-Tech Bridge to help building in-memory fuzzers.

tags | paper, vulnerability, fuzzer
MD5 | c9161767d4221dbf18b7d50376667c83
Storm Ringing PABX Test Tool
Posted Aug 24, 2012
Authored by Francesco Tornieri

This simple tool is useful to test a PABX with "allow guest" parameter set to "yes" (in this scenario an anonymous caller could place a call). The aim of the tool is to ring all the sip Terminal Equipment (phones).

tags | tool, telephony, fuzzer
systems | unix
MD5 | 4653ec0e3191e7576d09d344ae1a82d9
Cross Site Scripting Payloads
Posted Apr 24, 2012
Site vulnerability-lab.com

Vulnerability Lab has produced a large amount of cross site scripting payloads that can be used with fuzzers for automated scanning, etc.

tags | paper, xss, fuzzer
MD5 | a1bef07ff4bd5d4358baf87d3e3c349f
Page 1 of 6
Back12345Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    2 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close