Muts' python fuzzer found several format bugs in Microsoft Word 2007. file789-1.doc causes an unspecified overflow in Word 2007. file798-1.doc causes a CPU exhaustion denial of service in Word 2007. file614-1.doc causes a CPU exhaustion denial of service and ends with a ding in Word 2007. evil.hlp demonstrates a heap overflow in Windows HLP files.
0bf99d28ae1aa96a0bc1342073df4220be09213fe84ae13ec1e089bbb109bd1e
ProxyFuzz is a man-in-the-middle non-deterministic network fuzzer written in Python. ProxyFuzz randomly changes (fuzzes) contents on the network traffic. It supports TCP and UDP protocols and can also be configured to fuzz only one side of the communication. ProxyFuzz is protocol agnostic so it can randomly fuzz any network communication.
83cb422e91d20d05afbe49119a394fe82ea883046f73d3a4484f08440e667307
Fuzzled is a powerful fuzzing framework. Fuzzled includes helper functions, namespaces, factories which allow a wide variety of fuzzing tools to be developed. Fuzzled comes with several example protocols and drivers for them.
756d0936668277d0a6e297852e5b8e31741e59e53616005718f5af29870b22fe
OSPF Attack Shell module. This may be useful for writing fuzzers.
9e8e9cbd17a599eed92073f1f097f53fafcc4cf6a2118d7b8cdc29d4ed9f50b4
LLTD (Link Layer Topology Discovery Protocol) Perl module written using the Net::Frame framework. This may be useful for creating fuzzers.
558b4db46f80f7aa432c73fd7951ffc95d6ea0618bc7edf21cf73cf7fb03eea8
zzuf is a transparent application input fuzzer. It works by intercepting file operations and changing random bits in the program's input. zzuf's behavior is deterministic, making it easy to reproduce bugs.
a16cbe19ea03b93a174d731bf1aba5205e2f4480a7118129eda6b0cb7c7b39bb
JBroFuzz is an OWASP Project that emerged from penetration testing. It deals with fuzzing stateless network protocols such as HTTP, SOAP, XML, LDAP, etc. This version is the source code release.
de302e09f1d8a0aa5d3fa554801d2cc354e65d09cf41bf79b57a9fa465675582
JBroFuzz is an OWASP Project that emerged from penetration testing. It deals with fuzzing stateless network protocols such as HTTP, SOAP, XML, LDAP, etc. This version is the source code release.
2831a13b234e323bfa47bf6adacf11934e18aae6d474ab9f88f7ad32982b3aac
Taof is a GUI cross-platform Python generic network protocol fuzzer. It has been designed for minimizing set-up time during fuzzing sessions and it is especially useful for fast testing of proprietary or undocumented protocols.
602cb39c8ea3a3fed659db86b8e125037d32883c0f0f836cb2930f82c109dd9a
JBroFuzz is an OWASP Project that emerged from penetration testing. It deals with fuzzing stateless network protocols such as HTTP, SOAP, XML, LDAP, etc. This version is the source code release.
4b309a26b9455bd3628bc3fc382244a5ae6afd94f1c0901786222e52a00bf81c
JBroFuzz is an OWASP Project that emerged from penetration testing. It deals with fuzzing stateless network protocols such as HTTP, SOAP, XML, LDAP, etc. This version is the Win32 executable release.
ea8587fa5b065c103c9b3672e88019f4dacfd322991eb5a70296e0c6b5566cf7
zzuf is a transparent application input fuzzer. It works by intercepting file operations and changing random bits in the program's input. zzuf's behavior is deterministic, making it easy to reproduce bugs.
af33c3e95ab78780cc665425a8501f20125bfaafaa42c3a591b2d0d864512fd7
zzuf is a transparent application input fuzzer. It works by intercepting file operations and changing random bits in the program's input. zzuf's behavior is deterministic, making it easy to reproduce bugs.
98f5d6e5a7a64acc331add2e90596b43b28c32d0427c68c52bbea20a8ac79aae
untidy is general purpose XML Fuzzer. It takes a string representation of a XML as input and generates a set of modified, potentially invalid, XMLs based on the input. It's released under GPL v2 and written in python.
4e6d1c8a2c04fa8b84ff9712946037521667fcfc677d2c11efeaea0732184f3d
Two fuzzers written in Python. One is for PostgreSQL and one is for Informix.
af75ebb6e79ccd3bd1ad92b298d15a7e2ac9de795241f8cfa6b826f5bf9a6938
Oracle Database PL/SQL fuzzing tool.
d4ba0ce4454a94e3b86f4914ee4e6dbc5be062e4b669e80ff3b6fd13d319f285
JBroFuzz is an OWASP Project that emerged from penetration testing. It deals with fuzzing stateless network protocols such as HTTP, SOAP, XML, LDAP, etc. This version is the source code release.
82b398224597f19bfc1bdb576171672a1018d5f2e57276f378c9124bc3e34c02
JBroFuzz is an OWASP Project that emerged from penetration testing. It deals with fuzzing stateless network protocols such as HTTP, SOAP, XML, LDAP, etc. This version is the executable release.
51560f99cd3022d05ab482dc535f3756ec4373a6334da75c49e99c4eefcfc6d5
Taof is a GUI cross-platform Python generic network protocol fuzzer. It has been designed for minimizing set-up time during fuzzing sessions and it is especially useful for fast testing of proprietary or undocumented protocols.
b76f3be147a9483559333d14a283d267d85352df074912fc8ec5b79fefdde902
Tiny utility for supplying user defined environmental variables at a defined sized. Used in the Aid of auditing binaries that rely on environmental variables.
bcbf4702c1ce63b703fb72f404ac522f7e5b4577ebf112ca5b2edcd8d57f1b1e
fsfuzzer (0.6-lmh): This is a filesystem fuzzer. This tool creates initial (valid) filesystem images and then manipulates their binary format and structure for detecting flaws/bugs/design problems in the parsing/handling code for that particular filesystem. Expects a /media directory and some base tools (util-linux, etc) as well as support for some filesystems in the kernel (fortunately it will add the filesystems that are supported on your system, if it finds the necessary tools available).
92f98b9deaa72c4d86a635c40039aa5d0b2567e49e623d4120f4ec8f374f15a6
Taof is a GUI cross-platform Python generic network protocol fuzzer. It has been designed for minimizing set-up time during fuzzing sessions and it is especially useful for fast testing of proprietary or undocumented protocols.
d30483f8e9b254765ea834846f66dda81784964a044db89c17ab0b4f71cfde86
Ohrwurm is a small and simple RTP fuzzer. Some features include the ability to read SIP messages to get information of the RTP port numbers, fuzzing of RTP traffic, allows for MITM attacks, and the RTP payload is fuzzed with a constant BER. The BER is also configurable.
c94bfe52cfd2e9ff52f4360cb6153a665bb2b4251c889c7a1a5a3bf75f346165
Autodafe is a fuzzing framework that can be used to uncover buffer overflows.
66f1fa68aeba85932e9c79b760b89b9184fd13b33abc6407ea470bf0a765ce44
AxMan is a web-based ActiveX fuzzing engine. The goal of AxMan is to discover vulnerabilities in COM objects exposed through Internet Explorer. Since AxMan is web-based, any security changes in the browser will also affect the results of the fuzzing process. This allows for a much more realistic test than other COM-based assessment tools. AxMan is designed to be used with Internet Explorer 6 only.
d370f47f163ca2cf28ccae2e40fe171d874e6ee4533383e7585b974694f7bb4f