PaiMei is a reverse engineering framework consisting of multiple extensible components. The goal of the framework is to reduce the time from "idea" to prototype to a matter of minutes, instead of days. PaiMei is written entirely in Python and exposes at the highest level a debugger, a graph based binary abstraction and a set of utilities for accomplishing various repetitive tasks. The framework can essentially be thought of as a reverse engineer's swiss army knife and has already been proven effective for a wide range of both static and dynamic tasks such as: fuzzer assistance, code coverage tracking, data flow tracking and more.
f027a3b0b418697874b0a94638fd5384a09eea2e16778ac1bf21c0ea708b4c9aclfuzz is a command line argument fuzzer written in Python. It is very useful for auditing setuid binaries for command line overflows.
574e98fdf313a192edc3b21ee06943e44bcb1c39c9325d66467fde982361b938Mistress in an 'Application Sadism Environment' and can also be called a fuzzer. It is written in Python and was created for probing file formats on the fly and protocols with malformed data, based on pre-defined patterns. It is recommended that the project site be visited for further documentation and use cases.
8f1644949d6e28abd23dcd7e39f1895f3db11b73a3c7f690dd3821b1bf423415BSS (Bluetooth Stack Smasher) is a L2CAP layer fuzzer designed to assess the security of Bluetooth enabled devices by sending malicious packets.
aaba600425bcd01257183c65b4aa46278664ad27a4f671b325327a8cabb77e48A simple TCP/UDP protocol Fuzzer version 1.0.
4e540510eb4efa8acdd714de59e8a7dc27c629fdbac85816fe7263e76ed61aebSec-1 has identified an exploitable Buffer Overflow within the HTTP management interface of GFI MailSecurity 8.1. By sending large strings within several areas of the HTTP request (such as a large 'Host' or 'Accept' header) critical portions of memory are overwritten. Verification of this vulnerability can be achieved through the use of a HTTP fuzzer, such as @stake webproxy. Successful exploitation could allow an attacker to gain administrative control of the targeted host.
4300d283bb084186da283e56ddae0e40446b1e8a04f555832a86566d3489b5dbnotSPIKEfile is a Linux based file format fuzzing tool. It was designed to automate the launching of applications and detection of exceptions caused by fuzzed files. It operates on an existing valid file and creates fuzzed files. It utilizes ptrace to pick up interesting signals and dump register state.
a2711126e8e8aebe618ca5d104cfa7e7468de6b5e3b1deee14a96dc6200dd065FileFuzz is a graphical, Windows based file format fuzzing tool. FileFuzz was designed to automate the creation of abnormal file formats and the execution of applications handling these files. FileFuzz also has built in debugging capabilities to detect exceptions resulting from the fuzzed file formats.
5a48c119109eb4bb7ff3b47201cae195735e48aa12255c9ab609f151d6fd7ee7SPIKEfile is a Linux based file format fuzzing tool, based on SPIKE 2.9. It was designed to automate the launching of applications and detection of exceptions caused by fuzzed files. It uses standard SPIKE scripts to generate files and utilizes ptrace to pick up interesting signals and dump register state.
56cfbaebafdad233b4cdf6e8075cef5dfbee94c35cdf1f519178d47016e00352Fuzzer that can be used for checking MSN passwords.
521db0a578c99849bb4ff77e2e8ff2bc390250a62b23e6d3745e1d4c6438a370SNMP fuzzer uses Protos test cases with an entirely new engine written in Perl. It provides efficient methods of determining which test case has caused a fault, offers more testing granularity and a friendlier user interface. Happy vulnerability searching.
6f8e40ebced231abc98ee810fa50e440085cb8daf39fb376e11fd4e3630cfc37Fuzzer version 1.1 is a multi protocol fuzzing tool written in Python. It can be used to find new SQL injection, format string, buffer overflow, directory traversal, and other vulnerabilities. Written with portability in mind.
ad4a7916cf9cce84ab9c2dce475b0ed875adddeb4bfc8ab1b7d78dbc34a6ed3cEfuzz is an easy to use Win32 tcp/udp protocol fuzzer which finds unknown buffer overflows in local and remote services. Uses config files to define the range of malformed requests. Includes C source, released under GPL.
83c25ea1e5b3ca8eaa392c20d213c89de0afe7961f65d36d43a2f77976f63a9cScratch is an advanced protocol destroyer ("fuzzer") which can routinely find a wide variety of vulnerabilities from a simple packet. scratch does complex parsing of binary files to determine what to fuzz with what data. scratch also comes with a framework for fuzzing binary protocols such as SSL and SMB.
26861096b53a0495f71b6d7d37d347060e88af1e0f19d6cfcce6269219675691Webscan is a web site fuzzer that checks for remote vulnerabilities such as sql injection, cross site scripting, remote code execution, file disclosure, directory traversal, php includes, shell escapes, and insecure perl open() calls.
eafcdbf028f048e0942fbbf8b91c58bc7470b0555231101283ddfcebf8e7b45fMielieTool v.1.0 is an easy to use Perl based web application "fuzzer". It supports fuzzing of CGIs in forms and links and supports multiple sites. Requires HTTrack, Lynx, grep, find, and rm.
efe615a070bb52a86f4508d814701ed4d6a3c1ea75ca01531f7e8a5ad1cf4e47
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed