PHP Vulnerability Hunter is a PHP fuzzing tool that scans for several different vulnerabilities by performing dynamic program analysis. It can detect arbitrary command execution, local file inclusion, arbitrary upload, and several other types of vulnerabilities.
3c0e45c995b45ccd06e3e1921ce42b2dc006e7c50ef41f09e35465397971fecaPHP Vulnerability Hunter is a PHP fuzzing tool that scans for several different vulnerabilities by performing dynamic program analysis. It can detect arbitrary command execution, local file inclusion, arbitrary upload, and several other types of vulnerabilities.
9518133a3f1021b40158214497372d472d196b47de6a8109d45d82f46f801c50SIP Army Knife is a fuzzer that searches for cross site scripting, SQL injection, log injection, format strings, buffer overflows, and more.
4fd73eaa07d985c2b97468b07640cbf674016b6d676e720e5c0ed70b2df09c64rtspFUZZ is a real time streaming protocol server fuzzer. It uses 6 basic crafting techniques OPTIONS,DESCRIBE,SETUP,PLAY,GET_PARAMETER,TEARDOWN,PAUSE etc rtsp commands and 9 advanced crafting techniques to test any target application. It has the ability to fuzz with Metasploit Pattern (pattern_create.rb) which can be helpful for finding the offset.
b3f05d18dd413771887842b4ada5d866099b1674425ad0bca2f4323f6772668fPHP Vulnerability Hunter is a PHP fuzzing tool that scans for several different vulnerabilities by performing dynamic program analysis. It can detect arbitrary command execution, local file inclusion, arbitrary upload, and several other types of vulnerabilities.
ceb5c22d39fc6f90b7e680e8c9287c121c4d955d426bab53fde7a92a6c51c13fFuzzTalk is an XML driven fuzz testing framework that emphasizes easy extensibility and reusability. While most fuzzing frameworks require in depth programming knowledge, FuzzTalk can test a wide range of network protocols with the help of XML templates. Includes scripts for fuzzing HTTP, FTP, and SMTP servers.
6d7aeec133b9386bd209b8716b27fc1d4d48ef3178ef969a9eb75f2172ef6eedPHP Vulnerability Hunter is a PHP fuzzing tool that scans for several different vulnerabilities by performing dynamic program analysis. It can detect arbitrary command execution, local file inclusion, arbitrary upload, and several other types of vulnerabilities.
add28806781ecf08f8b6dd125cf3fe1ef7b0857f91e72062ae1768273680e1feHonggfuzz is a general-purpose, easy-to-use fuzzer with interesting analysis options. Given a starting corpus of test files, Honggfuzz supplies and modifies input to a test program and utilizes the ptrace() API/POSIX signal interface to detect and log crashes. It works on Linux, FreeBSD and Mac OS X.
5eabcb34e63989ed4f5642d912c8641cae186311d69337401092b6d50f806e3aDotDotPwn is a very flexible intelligent fuzzer to discover directory traversal vulnerabilities in software such as Web/FTP/TFTP servers, Web platforms such as CMSs, ERPs,Blogs, etc. Also, it has a protocol-independent module to send the desired payload to the host and port specified. On the other hand, it also could be used in a scripting way using the STDOUT module.
dc08b1efa2acdffd376cece72189cb8862611ee023be690fd9a155d4b30878b6Whitepaper called Intelligent Debugging and In-Memory Fuzzers.
cfc1b0b99e77a91f3c6b2cd9dcbb873fb94901080b19135447424e67b0a48446FuzzDiff is a simple tool created to assist in helping make crash analysis during file format fuzzing a bit easier. When provided with a fuzzed file, a corresponding original un-fuzzed file, and the path to the targeted program, FuzzDiff will selectively "un-fuzz" portions of the fuzzed file while re-launching the application to monitor for crashes. This will yield a file that still crashes the target application, but contains a minimum set of changes from the original, un-fuzzed file. This can be useful in pinning down the exact cause of a crash.
64a2478b6758505b56ea79a765292e926f190b7255790d538d7a95e688fd16bbSimple Fuzzer is a simple fuzzer. It has two network modes of operation, an output mode for developing command line fuzzing scripts, as well as taking fuzzing strings from literals and building strings from sequences. It is built to fill a need - the need for a quickly configurable black box testing utility that does not require intimate knowledge of the inner workings of C or require specialized software rigs. The aim is to just provide a simple interface, clear inputs/outputs, and reusability.
7fcf7aee05ab2a2049ef8d39184286e639df7b34f15f5b6e43a24ec87d86dc8aSpiderpig is a PDF fuzzing utility written in python.
eb4561c3095ec8870ccb83e8a9d8b30853581c6d9f25f9ca1d5c4ef9db399fdaWhitepaper called The Sulley Framework: Basics. Sulley is a fuzzer packed with interesting capabilities. Such as packet-capturing, crash reporting and VMware automation.
027210bf2196cc9ddb0cea7a535eb45f2d6fa84b497ec17b8d7e1a746a961a42This fuzzing tool is called the Full Automated Column Finder for SQL Injection.
bfbe4a7195685d5454916ac4e95631f9b811f07162b4f4639b8b87e080458a5cCGIFuzz is a python script for scanning 592 CGI paths on a given target.
177ed70a172eb1bc8a2d15a737d3f66e18b2b99936371119b4e6c2d041c701c8zzuf is a transparent application input fuzzer. It works by intercepting file operations and changing random bits in the program's input. zzuf's behavior is deterministic, making it easy to reproduce bugs.
4b155cf351dd40779ed2072e91577f2f88a44dcb2107b9f16f9f9db217bf3779Browser Fuzzer 3 (bf3) is a comprehensive web browser fuzzer that fuzzes CSS, DOM, HTML and JavaScript.
ab072a52f4342b6af64d4ce2b1a3e18aae40f2dd2bcb3ddffb4cd1711e4150d12^6 TCP control bit fuzzer (no ECN or CWR).
acfc236162c8e9847ca2d395fb48be29cbbc9dc349fb97ccdf40724996d73882DeepToad is a tool for computing fuzzy hashes from files. DeepToad can generate signatures, clusterize files and/or directories and compare them. It's inspired in the very good tool ssdeep and, in fact, both projects are very similar. The complete project is written in pure python and is distributed under the LGPL license.
195b3d4c57d15a6fee7b7136f3351f12f13fb9a8144df5002b92a4485043bd1aThis small perl script is a generic random remote fuzzer.
f4bddba1bc5967ea0646d047d5e4b798651d79d68b89137957542fd3a0fcb94bThis is the ICMPv4/IP fuzzer prototype code.
35272cf0bbd351d1c3768a01705b36f56401acf729c58cd4d80efa24fbe4308buwss is a web security scanner and used for testing security holes in web applications. It can act as a fuzzer whose objective is to probe the application with various crafted attack strings. uwss is built upon a modular concept.
f5889f915e9116c5d6e219bc6ac51f19112545db98937dc7898dbe14386f49374f is the file format fuzzing framework.
008ec7e8c205931119fd3a3bc5f03ef58d628982adc30a9530caaae62cf58313uwss is a web security scanner and used for testing security holes in web applications. It can act as a fuzzer whose objective is to probe the application with various crafted attack strings. uwss is built upon a modular concept.
13057a6d9a4ce6617d07316cf3ac864b76984cb10985c54168293dbc49851d8a
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed