darkTouch is a fuzzer that attempts to fingerprint the structure of a website. Written in Python.
86a99f55e9fc32eee675bdba41eff23d4356b6004f52b1c0b400498cbd083d37
Hzzp is a HTTP compliant client and server fuzzer. Hzzp's main features include HTTP response and request fuzzing, authentication fuzzing, query parameter fuzzing, and automatic or manual exploit generation.
7407b05d1cf6bb1faff9f84cb8b6c90807c711fc7d4cb78481ca10533173aeea
Simple Fuzz is a simple fuzzer. It has two network modes of operation, an output mode for developing command line fuzzing scripts, as well as taking fuzzing strings from literals and building strings from sequences. It is built to fill a need - the need for a quickly configurable black box testing utility that does not require intimate knowledge of the inner workings of C or require specialized software rigs. The aim is to just provide a simple interface, clear inputs/outputs, and reusability.
e244dc374f84c63b7a6cfac17c78eed576e3b6cb4d0a536d0a32bb866d67896b
SQL fuzzing tool that will find all table names, column names for specified table, mysql version, username of mysql, database, perform load_file() on sites vulnerable to SQL injection.
04567fd7758525a5ed5dcfa916d706b33ffcb6470163b2634fac2e099cbeb3bf
fzem is a MUA (mail user agent) fuzzer that fuzzes MAIL/MIME email headers as well as how clients handle SMTP, POP and IMAP responses.
599f60cea508535311603dca6768627d03bd9bcd767d3a2b1e4e869a9ece418a
SQL Fuzzer version 1.0 that is written in Python. Yes, another one.
a256fb6b24c4beebaa2c4be61642c4ed8d7c9cd5a7ca09a09243505f152f00e3
Browser Fuzzer 2 (bf2) is a comprehensive web browser fuzzer that fuzzes CSS, DOM, HTML and JavaScript.
9c0853e1720bef8ed4d5727782ddb76c3ffde6981e51439d0fe5e1c930239e27
JPEGfuzr is a perl implementation of fuzzing JPEG metadata through the Image::MetaData::JPEGextension. It supports 40 metadata tags and fuzzes all, one by one, using the fuzz data supplied.
86cb09fe538e1caa7760c78fd8bf3239fd3c35e7f10d1b9fc656c06987ee2ac6
VNCrush is a VNC server fuzzing utility.
8eb9127ad1376a76157468f0e39b8c0356bd8b9858a0403259920b3f5a8af4e3
RSHatter is a rsh protocol fuzzing utility.
cd5317d98c22f76c74af147ff8128cda02e43c4f02d0aeec39d30e96a104c33e
TagFuzzer is a fuzzing utility that edits tag information for a supplied file. Supports MP3, M4A, M4P, MP4, M4B, 3GP, OGG, and FLAC formats.
6ea8345c7e60081071fe0e6685179fd102ae6f0146579fee5e456e407fd59f99
mpTREY is a MP3 fuzzing utility that manipulates tags. Written in Perl.
3f272c23c44352dd75429216312ed372076351d35fa4762a4869fd1da89d050d
pdfUZZ is a PDF fuzzing utility written in Perl.
99433705cbedf57206587795bf5e5201e013f3738ca7ea8ae2622400592185ab
TFTP daemon fuzzer that uses Net::TFTP.
f0bb5b52d7d08ec8d250d4dc352452c02c79c428856b9235545fcf7730463f97
VoIPER is a VoIP security testing toolkit incorporating several VoIP fuzzers and auxiliary tools to assist the auditor. It can currently generate over 200,000 SIP tests and H.323/IAX modules are in development.
61584b71e6024bab0481eed3fcbb25f14093e26c73b0f33995d9a57693310ece
MSF eXploit Builder is a Windows GUI to build Metasploit Framework exploit modules. It will help you to edit/modify/create/test exploit modules for the Metasploit Framework. Full source release. It includes a built-in fuzzer, a win32 debugger, and a lot of tools used in the process of exploit development.
4a382efc58c637872c644539f8f88fe0989f10424df3f81dc14c702a0e2f6770
sshfuzz is a SSH Fuzzing utility written in Perl that uses Net::SSH2.
c187ed921afa0866b2c9f7c49b9b098c6164bf30a9dafdc234149a34126d74a8
Peach is an easily extended fuzzing platform that can fuzz just about anything from file parsers and network protocols to COM objects and SQL stored procedures. Python source version.
ec5a0d5efcdea1e906c416d729f882b54cf8b1648ef8e42fd997fb6879e5b20b
Quick little MySQL fuzzing utility that creates sockets and fuzzers on the fly.
15405e4927cb4b5b834139904c6fa76a7c7a2d33cfddb4d8878f3376b025779e
This is a list of fuzzing vectors used in order to trigger directory traversal vulnerabilities. It is quite a huge list composed using different encodings and bizarre attack patterns reported in several vulnerability advisories.
4ba540799aa51a24dc790a72c68a21a526b853367d539adee6941a805954e2e4
ZfZ stands for Zeroday fuZzer. ZfZ is a network fuzzer that supports many protocols and can do generic fuzzing as well. It is trivial to add protocols to fuzz, just copy and modify the protocols already implemented.
ac192433c3e5acdbbe6c3311cba765940f354fc8bbb6a90f2e29f34e2b6cae95
Fusil the fuzzer is a Python library used to write fuzzing programs. It helps to start process with a prepared environment (limit memory, environment variables, redirect stdout, etc.), start network client or server, and create mangled files. Fusil has many probes to detect program crash: watch process exit code, watch process stdout and syslog for text patterns (eg. "segmentation fault"), watch session duration, watch cpu usage (process and system load), etc.
137174c6ed1dcabe5eef7a967a9521beb3fa81f8484b91cad6f69c9d2872af32
VoIPER is a VoIP security testing toolkit incorporating several VoIP fuzzers and auxiliary tools to assist the auditor. It can currently generate over 200,000 SIP tests and H.323/IAX modules are in development.
395730c606716956bfb37848a1a3d0f336a82fb23b48d41b02b0a76641209299
Powerfuzzer is a highly automated web fuzzer based on many other Open Source fuzzers available (including cfuzzer, fuzzled, fuzzer.pl, jbrofuzz, webscarab, wapiti, Socket Fuzzer) and information gathered from numerous security resources and websites. It is capable of spidering a website and identifying inputs.
4ee9ca809287166d059f03478f84ab9ae3b6ab083adaee34d3b2091de62e924b
Fusil the fuzzer is a Python library used to write fuzzing programs. It helps to start process with a prepared environment (limit memory, environment variables, redirect stdout, etc.), start network client or server, and create mangled files. Fusil has many probes to detect program crash: watch process exit code, watch process stdout and syslog for text patterns (eg. "segmentation fault"), watch session duration, watch cpu usage (process and system load), etc.
9f7c129e9742196110db2d38a69c5ab53da1ed4bd63f1ab85e877269ac4828fc