Fuzzgrind is a fully automatic fuzzing tool, generating test files with the purpose of discovering new execution paths likely to trigger bugs and potentially vulnerabilities. It is based on the concept of symbolic execution. Thus, the tool starts from a file considered valid by the software under test, and analyses the execution path to extract any constraints tied to branch instructions followed by this software. By resolving constraints one by one, Fuzzgrind will alter the valid file to explore possible new branches of the software under test, in order to discover new vulnerabilities.
1647ac2ac494e2a8033936f8ac52d252a482907419e181e11a74a9df3fc61c22Asterisk UDP IAX protocol fuzzing utility.
38cb2e5ced48810f3028ffd78c79418cf6e9221460e97e695f38258c47928e40darkTouch is a fuzzer that attempts to fingerprint the structure of a website. Written in Python.
86a99f55e9fc32eee675bdba41eff23d4356b6004f52b1c0b400498cbd083d37Hzzp is a HTTP compliant client and server fuzzer. Hzzp's main features include HTTP response and request fuzzing, authentication fuzzing, query parameter fuzzing, and automatic or manual exploit generation.
7407b05d1cf6bb1faff9f84cb8b6c90807c711fc7d4cb78481ca10533173aeeaSimple Fuzz is a simple fuzzer. It has two network modes of operation, an output mode for developing command line fuzzing scripts, as well as taking fuzzing strings from literals and building strings from sequences. It is built to fill a need - the need for a quickly configurable black box testing utility that does not require intimate knowledge of the inner workings of C or require specialized software rigs. The aim is to just provide a simple interface, clear inputs/outputs, and reusability.
e244dc374f84c63b7a6cfac17c78eed576e3b6cb4d0a536d0a32bb866d67896bSQL fuzzing tool that will find all table names, column names for specified table, mysql version, username of mysql, database, perform load_file() on sites vulnerable to SQL injection.
04567fd7758525a5ed5dcfa916d706b33ffcb6470163b2634fac2e099cbeb3bffzem is a MUA (mail user agent) fuzzer that fuzzes MAIL/MIME email headers as well as how clients handle SMTP, POP and IMAP responses.
599f60cea508535311603dca6768627d03bd9bcd767d3a2b1e4e869a9ece418aSQL Fuzzer version 1.0 that is written in Python. Yes, another one.
a256fb6b24c4beebaa2c4be61642c4ed8d7c9cd5a7ca09a09243505f152f00e3Browser Fuzzer 2 (bf2) is a comprehensive web browser fuzzer that fuzzes CSS, DOM, HTML and JavaScript.
9c0853e1720bef8ed4d5727782ddb76c3ffde6981e51439d0fe5e1c930239e27JPEGfuzr is a perl implementation of fuzzing JPEG metadata through the Image::MetaData::JPEGextension. It supports 40 metadata tags and fuzzes all, one by one, using the fuzz data supplied.
86cb09fe538e1caa7760c78fd8bf3239fd3c35e7f10d1b9fc656c06987ee2ac6VNCrush is a VNC server fuzzing utility.
8eb9127ad1376a76157468f0e39b8c0356bd8b9858a0403259920b3f5a8af4e3RSHatter is a rsh protocol fuzzing utility.
cd5317d98c22f76c74af147ff8128cda02e43c4f02d0aeec39d30e96a104c33eTagFuzzer is a fuzzing utility that edits tag information for a supplied file. Supports MP3, M4A, M4P, MP4, M4B, 3GP, OGG, and FLAC formats.
6ea8345c7e60081071fe0e6685179fd102ae6f0146579fee5e456e407fd59f99mpTREY is a MP3 fuzzing utility that manipulates tags. Written in Perl.
3f272c23c44352dd75429216312ed372076351d35fa4762a4869fd1da89d050dpdfUZZ is a PDF fuzzing utility written in Perl.
99433705cbedf57206587795bf5e5201e013f3738ca7ea8ae2622400592185abTFTP daemon fuzzer that uses Net::TFTP.
f0bb5b52d7d08ec8d250d4dc352452c02c79c428856b9235545fcf7730463f97VoIPER is a VoIP security testing toolkit incorporating several VoIP fuzzers and auxiliary tools to assist the auditor. It can currently generate over 200,000 SIP tests and H.323/IAX modules are in development.
61584b71e6024bab0481eed3fcbb25f14093e26c73b0f33995d9a57693310eceMSF eXploit Builder is a Windows GUI to build Metasploit Framework exploit modules. It will help you to edit/modify/create/test exploit modules for the Metasploit Framework. Full source release. It includes a built-in fuzzer, a win32 debugger, and a lot of tools used in the process of exploit development.
4a382efc58c637872c644539f8f88fe0989f10424df3f81dc14c702a0e2f6770sshfuzz is a SSH Fuzzing utility written in Perl that uses Net::SSH2.
c187ed921afa0866b2c9f7c49b9b098c6164bf30a9dafdc234149a34126d74a8Peach is an easily extended fuzzing platform that can fuzz just about anything from file parsers and network protocols to COM objects and SQL stored procedures. Python source version.
ec5a0d5efcdea1e906c416d729f882b54cf8b1648ef8e42fd997fb6879e5b20bQuick little MySQL fuzzing utility that creates sockets and fuzzers on the fly.
15405e4927cb4b5b834139904c6fa76a7c7a2d33cfddb4d8878f3376b025779eThis is a list of fuzzing vectors used in order to trigger directory traversal vulnerabilities. It is quite a huge list composed using different encodings and bizarre attack patterns reported in several vulnerability advisories.
4ba540799aa51a24dc790a72c68a21a526b853367d539adee6941a805954e2e4ZfZ stands for Zeroday fuZzer. ZfZ is a network fuzzer that supports many protocols and can do generic fuzzing as well. It is trivial to add protocols to fuzz, just copy and modify the protocols already implemented.
ac192433c3e5acdbbe6c3311cba765940f354fc8bbb6a90f2e29f34e2b6cae95Fusil the fuzzer is a Python library used to write fuzzing programs. It helps to start process with a prepared environment (limit memory, environment variables, redirect stdout, etc.), start network client or server, and create mangled files. Fusil has many probes to detect program crash: watch process exit code, watch process stdout and syslog for text patterns (eg. "segmentation fault"), watch session duration, watch cpu usage (process and system load), etc.
137174c6ed1dcabe5eef7a967a9521beb3fa81f8484b91cad6f69c9d2872af32VoIPER is a VoIP security testing toolkit incorporating several VoIP fuzzers and auxiliary tools to assist the auditor. It can currently generate over 200,000 SIP tests and H.323/IAX modules are in development.
395730c606716956bfb37848a1a3d0f336a82fb23b48d41b02b0a76641209299
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed