Powerfuzzer is a highly automated web fuzzer based on many other Open Source fuzzers available (including cfuzzer, fuzzled, fuzzer.pl, jbrofuzz, webscarab, wapiti, Socket Fuzzer) and information gathered from numerous security resources and websites. It is capable of spidering a website and identifying inputs.
4ee9ca809287166d059f03478f84ab9ae3b6ab083adaee34d3b2091de62e924bFusil the fuzzer is a Python library used to write fuzzing programs. It helps to start process with a prepared environment (limit memory, environment variables, redirect stdout, etc.), start network client or server, and create mangled files. Fusil has many probes to detect program crash: watch process exit code, watch process stdout and syslog for text patterns (eg. "segmentation fault"), watch session duration, watch cpu usage (process and system load), etc.
9f7c129e9742196110db2d38a69c5ab53da1ed4bd63f1ab85e877269ac4828fctmin is a quick and simple tool to minimize the size and syntax of complex test cases in automated security testing. It is meant specifically for dealing with unknown or complex data formats (without the need to tokenize and re-serialize testcases), and for easy integration with UI testing harnesses.
f80bf14e4e0e2aef70ffee1065caee30c845ca9dae1448701ff20d7f6853e261zzuf is a transparent application input fuzzer. It works by intercepting file operations and changing random bits in the program's input. zzuf's behavior is deterministic, making it easy to reproduce bugs.
0a89fdb6912d4dd68ac88c54951e87738294d13562e0d57662fb90974b947710Bunny the Fuzzer - A closed loop, high-performance, general purpose protocol-blind fuzzer for C programs. Uses compiler-level integration to seamlessly inject precise and reliable instrumentation hooks into the traced program. These hooks enable the fuzzer to receive real-time feedback on changes to the function call path, call parameters, and return values in response to variations in input data. This architecture makes it possible to significantly improve the coverage of the testing process without a noticeable performance impact usually associated with other attempts to peek into run-time internals.
30c7765b960b131246bfe8c25b79d20eae49f282dd0ac3b7e1e293233a446f99zzuf is a transparent application input fuzzer. It works by intercepting file operations and changing random bits in the program's input. zzuf's behavior is deterministic, making it easy to reproduce bugs.
914a543d2230a7b8ce134d8bbe1c8ae18cec7be3c49361770ac04eda12cf3e05SQL fuzzing utility written in Python.
051c055fe00407919e7c1c2ffd3567e5a02d5ed2df101486511d5995ffe39ed8SQL Injector version 1.0 is a fuzzing utility written in Python.
540c59b543ffe0c33b344577bedcbe77ec179eb7b6441061ffb9c703c0bede59Cross site scripting fuzzing utility written in Python.
d6635e858fcf89ce62f89cf87e20a31f8c853800d25e2d5039fa428808132e90tmin is a quick and simple tool to minimize the size and syntax of complex test cases in automated security testing. It is meant specifically for dealing with unknown or complex data formats (without the need to tokenize and re-serialize testcases), and for easy integration with UI testing harnesses.
6fa417edb887bc2a9b30f10caf309c076293186b24d00cd9af098a7243ff02a0Syslog Fuzzer is a small perl script tool that is useful for testing some attack vectors against syslog servers. It has support for buffer/integer overflows and format string vulnerabilities.
fb34a3d4e18d1e8af3658c6272e7e8976431669d015724f634b37da32a293743Wfuzz is a tool designed for bruteforcing Web Applications, it can be used for finding resources not linked (directories, files), bruteforce HEADERS, GET and POST parameters for checking different kind of injections (SQL, XSS, LDAP,etc), bruteforce Forms parameters (User/ Password), Fuzzing, etc.
fc1a73ded9af26968df62c865343f4ddfe5300ca020cd32a41ab9f0bb2577adbPGMfuzz is a fuzzer written for identifying vulnerabilities in PGM option parsing implementations.
b74310aa941f94bcbfee075e203ba145d732c8d357727cc806d9623b94be7d22Bunny the Fuzzer - A closed loop, high-performance, general purpose protocol-blind fuzzer for C programs. Uses compiler-level integration to seamlessly inject precise and reliable instrumentation hooks into the traced program. These hooks enable the fuzzer to receive real-time feedback on changes to the function call path, call parameters, and return values in response to variations in input data. This architecture makes it possible to significantly improve the coverage of the testing process without a noticeable performance impact usually associated with other attempts to peek into run-time internals.
dae9be447ea202eb4d5eeb0cba317136fe15861630c1562730ff011f8ecb33c7Bunny the Fuzzer - A closed loop, high-performance, general purpose protocol-blind fuzzer for C programs. Uses compiler-level integration to seamlessly inject precise and reliable instrumentation hooks into the traced program. These hooks enable the fuzzer to receive real-time feedback on changes to the function call path, call parameters, and return values in response to variations in input data. This architecture makes it possible to significantly improve the coverage of the testing process without a noticeable performance impact usually associated with other attempts to peek into run-time internals.
ebfb03563564202d26c9314f19b2cbbdf98cdb2c16d21f6628ccf680af7d3db6zzuf is a transparent application input fuzzer. It works by intercepting file operations and changing random bits in the program's input. zzuf's behavior is deterministic, making it easy to reproduce bugs.
a5fa82e49c01721f0ae339345780c55d1ae9e42ed6909901a1c688800e5b834cBunny the Fuzzer - A closed loop, high-performance, general purpose protocol-blind fuzzer for C programs. Uses compiler-level integration to seamlessly inject precise and reliable instrumentation hooks into the traced program. These hooks enable the fuzzer to receive real-time feedback on changes to the function call path, call parameters, and return values in response to variations in input data. This architecture makes it possible to significantly improve the coverage of the testing process without a noticeable performance impact usually associated with other attempts to peek into run-time internals.
7316d0f0a285a94b48f522cda8e5a4963a67a6b63cbe7e8aaa2dd7ed46a4b9efWhitepaper entitled "Writing a fuzzer using the Fuzzled framework". The paper includes some of the techniques used to dismantle protocols including documentation, observation and static analysis.
85eff0372eb6b927c7f66e8380f04f54c2152fb1202fd191238c82796096ff34PHP Source Auditor III (or PSA3) was created in order to quickly find vulnerabilities in PHP source code. Written in Perl.
787110a34b85754752472a108a0e65147bfdd6deda7c812bfd88705c49a5740aThe Evolutionary Fuzzing System (EFS) is a fuzzer that attempts to eliminate traditional fuzzer techniques of building a new fuzzer for each protocol by dynamically learning a protocol using code coverage and other feedback mechanisms.
25c9e9a281636d9be7f0216bfa0eb37beca0ff7dc82ae2e3f00832e4c0cb964dGPF is a fuzzer that provides developers, security researchers, and quality assurance professionals the capability to quickly search for bugs/vulnerabilities in the exposed interface of networked applications. GPF uses captured packet sessions (from libpcap) to construct a protocol description from real traffic. Users can then configure various types of injected faults, manually modify the capture file, and define custom functions to deal with dynamic data.
9597f83a0a3b35e591f9e0d360e8589e6157a42ff347d071a12df55d00355a2dzzuf is a transparent application input fuzzer. It works by intercepting file operations and changing random bits in the program's input. zzuf's behavior is deterministic, making it easy to reproduce bugs.
7df5232b8c6004828bcde2ac32d9d75b2b39d4f4bd4c9c56582f739aa62efa58pff (Php Fuzzing Framework) is a tiny tool that was created with the intention of discovering security and general bugs within Php functions.
4d0f87948f015600b4b1c890ebfef7fe135aa49b4dad26119a4e5a0318cbf177untidy is general purpose XML Fuzzer. It takes a string representation of a XML as input and generates a set of modified, potentially invalid, XMLs based on the input. It's released under GPL v2 and written in python.
cb9f89dfdf1cce6e76b2946659b685492339efaff809146b7d036304fed2def0FuzzMan is a simple man page fuzzer that is quite powerful.
b41eb2bbaca1c7754894834de2761da65eb830c1f3a61c8c0c2d0798df220f24
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed