what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 137 RSS Feed

Files

Deliverance 0.018-daf9452 File Descriptor Fuzzer
Posted May 24, 2022
Authored by Marshall Whittaker | Site github.com

Deliverance is a file descriptor fuzzer written in bash. It injects random data into file descriptors of pids associated with a process until the program crashes, then outputs the results of what caused the crash. It leaves behind files that were used as input for the last 2 minutes before the fault, useful for reproduction.

tags | tool, bash, fuzzer
SHA-256 | b2d5c61d25c3596775232700731b3c52f39be5ff2131841bfe8f930ed516e6e3
Google OSS Fuzz
Posted Dec 17, 2021
Authored by Google Security Research | Site google.github.io

Google's OSS Fuzz tool aims to make common open source software more secure and stable by combining modern fuzzing techniques with scalable, distributed execution.

tags | tool, fuzzer
SHA-256 | 1f94e7fcbd0c18872fc368ecbd888174560869f1a562d7dbc2b825627c63f525
litefuzz 1.0
Posted Sep 20, 2021
Authored by Jeremy Brown | Site github.com

litefuzz is a multi-platform fuzzer for poking at userland binaries and servers.

tags | tool, fuzzer
systems | unix
SHA-256 | f25a4127aa0a0332f8898ed435abea7ff3f6fdf48ec55273a12cb50f97f07dd3
ISO-8385 Protocol Fuzzer
Posted Feb 5, 2020
Authored by Fakhir Karim Reda

This python script is a fuzzer for the ISO-8385 financial protocol. It is compatible with sulley and bofuzz and is now part of the official bofuzz release.

tags | tool, protocol, python, fuzzer
SHA-256 | d1cd712ddf8adaf71b93d57c4b8957aa1038bc884f3451a6f085124d3115cc0d
Maavi Fuzzing Utility
Posted Jan 20, 2020
Authored by Haroon Awan | Site github.com

Maavi is a fuzzing tool that scans for vulnerabilities with obfuscated payloads. Has proxy support, records full history of actions, and has various bells and whistles.

tags | tool, vulnerability, fuzzer
SHA-256 | 83e2d13d1dfbe16a16867f317e1413371ce7f3ad3f71149f9a2e4f61297de7a3
Ansvif 1.12
Posted Oct 30, 2019
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This is a bugfix release to ansvif. Many things were tweaked and fixed since the last version, but no real functionality has changed.
tags | tool, fuzzer
systems | unix
SHA-256 | b1ab3d738d61d727cce3db2834c74e0d3f9d64dd23f7c1d305ccd92c05839223
Ansvif 1.11
Posted Jan 3, 2019
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release has lots of code cleanup, bug fixes, and slight improvements in speed. Some code readability has been improved. This release is known to work on Android 7.1.1 (tested on a Motorola Droid Maxx 2), Ubuntu Linux x86_64, as well as Windows 10 x86_64.
tags | tool, fuzzer
systems | unix
SHA-256 | 037f63c0d88d988078c440d65fcb3f037111f9486171391578f674f2cc68e1c6
XSS Fuzzer
Posted Nov 28, 2018
Authored by Poyo VL | Site xssfuzzer.com

XSS Fuzzer is a simple application written in plain HTML/JavaScript/CSS which generates XSS payloads based on user-defined vectors using multiple placeholders which are replaced with fuzzing lists. It offers the possibility to just generate the payloads as plain-text or to execute them inside an iframe. Inside iframes, it is possible to send GET or POST requests from the browser to arbitrary URLs using generated payloads.

tags | tool, arbitrary, javascript, fuzzer
SHA-256 | 75dbb38b248d52be321de6e1340065eac23ecbb902931e83075eb886bfa9a0bb
Ansvif 1.11a
Posted Oct 23, 2018
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This is an initial Android pre-release.
tags | tool, fuzzer
systems | unix
SHA-256 | 7fb1e433412d64fcd2335a3ebe7f66437ef34d5a0d3a1df62e2476f3169244ba
Ansvif 1.10
Posted Aug 27, 2018
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release comes with lots of bug fixes and a couple new features added to the GTK frontend.
tags | tool, fuzzer
systems | unix
SHA-256 | a45e7858e17f46a83a5612c75c070edff04dda6eab8f0a582f20f2ae5596d1d6
BadParser 1.6.42218.0
Posted Apr 24, 2018
Authored by John Leitch

BadParser is a vulnerability parser designed to aid in the testing of fuzzers by simulating different kinds of memory corruption issues. Vulnerabilities are simulated by causing write-access violations at specific addresses, which serve as unique identifiers for the different issues. BadParser supports JSON and XML input files, with other file formats planned.

tags | tool, vulnerability, fuzzer
SHA-256 | 367f7dde5a91009874def600cffd3663977c783f792f9dde52d689d05d61d3af
Ansvif 1.9.1
Posted Apr 19, 2018
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This version is a bugfix release that includes lots of error handling.
tags | tool, fuzzer
systems | unix
SHA-256 | 11210463d7d354962165bf3887b2384b20d757d1e57785e6996cdb17c9a257d9
Ansvif 1.9
Posted Apr 16, 2018
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes lots of bugfixes and a bunch of new entries in the examples folder.
tags | tool, fuzzer
systems | unix
SHA-256 | 5cadf0ed2373636137cac4f25fb26de7d52672f89c3498a780239f53cb6690bb
Ansvif 1.8.1.1
Posted Dec 29, 2017
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release is for Windows 10 compatibility. Includes an ansvif.exe (with embedded icon this time), and printf.exe for reproducing faults. Also included are the examples to test ansvif on.
tags | tool, fuzzer
systems | unix
SHA-256 | a6465c6ebdc9d2ee488e2f8e4ef6e93e8ae72c06bb4873aee84e3b20039b9f2d
Ansvif 1.8.1
Posted Oct 26, 2017
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: Bug fixes and a new option to let you control if null characters are in the fuzz.
tags | tool, fuzzer
systems | unix
SHA-256 | da5e7c56de700078c640a0eaaa287e9643cb97d56dc08a942a48fbd3fe8700f1
Fuzzing Font Parsing
Posted Oct 23, 2017
Authored by James Fell

This article presents a cross-platform test harness written in Python that assists the user in searching for vulnerabilities in web browsers, specifically by fuzzing their font parsing functionality. The tool automates the delivery of test cases (font files in this context) into a web browser. The creation of a corpus of mutated TTF font files suitable for use in fuzzing is also covered.

tags | tool, web, vulnerability, python, fuzzer
systems | unix
SHA-256 | c8318c528d7e608b8d2215bee4998862b6f54b96d2c952d42a31f344c81b6f0d
Ansvif 1.8
Posted Sep 12, 2017
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes some touchups to the main ansvif code, better crash detection under linux, as well as a primary new feature: the frontend to ansvif.
tags | tool, fuzzer
systems | unix
SHA-256 | 3802ca4a49b5033554a89567a685f4ee9e22fddddc120125d769fb7317fcfa8e
Ansvif 1.7
Posted Apr 13, 2017
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release marks easier compiling on most modern operating systems including Windows 7, Windows 10, Linux (Redhat and Debian based distros), and OpenBSD. It may compile/work on other operating systems but has not been tested. This is mostly a source code release with lots of code cleanup, and no new features.
tags | tool, fuzzer
systems | unix
SHA-256 | 2c2eb4b44d8649611c833b65e2abf446870ef2d3d44d84e0f9b8e57d41fb1e33
Ansvif 1.6.2
Posted Feb 25, 2017
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release has lots of code cleanup, bug fixes, and includes a -y or -b 0 option for zero buffer size (useful with -A and -B when in use with other fuzzers), and a -K option to keep going after a crash (usually only useful when logging).
tags | tool, fuzzer
systems | unix
SHA-256 | fe07ede744275e79f00a3a21f07bc10a3f99cfcb3d440819651a51f0048d0d2b
Mobile Security Framework MobSF 0.9.3 Beta
Posted Nov 23, 2016
Authored by Ajin Abraham | Site github.com

Mobile Security Framework (MobSF) is an all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static and dynamic analysis. It can be used for effective and fast security analysis of Android and iOS Applications and supports both binaries (APK & IPA) and zipped source code. MobSF can also do Web API Security testing with it's API Fuzzer that performs Information Gathering, analyze Security Headers, identify Mobile API specific vulnerabilities like XXE, SSRF, Path Traversal, IDOR, and other logical issues related to Session Management and API Rate Limiting.

Changes: Clipboard Monitor for Android Dynamic Analysis. Windows APPX Static Analysis Support. Added Docker File. Added Support for Kali Linux. Various other additions and improvements.
tags | tool, web, vulnerability, fuzzer, xxe
systems | cisco, ios
SHA-256 | 700cdd3f3460d4db512a15ccc778012b27d14b9d9019961e561b1b27ac8ed277
Ansvif 1.6.1
Posted Nov 21, 2016
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes a -M option for maximum arguments in the fuzz, as well as algorithmic control of ansvif fuzz testing (so that if it has already tried a particular fuzz it will not try it again, this speeds things up quite a bit).
tags | tool, fuzzer
systems | unix
SHA-256 | 859f9e504580cf957ec756c239cf58ea4940fa4416cab0fa7e4d1ea6024c0f4c
Ansvif 1.6
Posted Oct 2, 2016
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes lots of bug fixes, and better Windows compatibility. Now there is no need for the extra .dll files in the Windows version.
tags | tool, fuzzer
systems | unix
SHA-256 | 19bbf1fdbe1324ff2ced174a8f2d184803feb3b504d30584ac8f333a272bf693
Ansvif 1.5.2
Posted Jun 21, 2016
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes a bunch of bug fixes, and manual pages. No changes to the Windows code.
tags | tool, fuzzer
systems | unix
SHA-256 | 8cbb2942a45529e4a172b71ddae8cca063120b045162d57ff421c2568ebaf477
Ansvif 1.5.1
Posted Jun 2, 2016
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes drafted manpages for ansvif and find_suid, plus binaries rebuilt on Debian Jessie for i386 and amd64. No changes to the Windows release were made.
tags | tool, fuzzer
systems | unix
SHA-256 | 137f4129bf84d136fdaf3188611d5b02c8a2b428fdba539491a493f4dc8dd450
Ansvif 1.5
Posted May 19, 2016
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes new ways to crash programs using things like 1, -1, 0, x00 (null), etc. Also included are some minor bug fixes. It also includes binaries for most supported operating systems, Debian/Ubuntu 32 and 64 bit, Windows 10 32 and 64 bit.
tags | tool, fuzzer
systems | unix
SHA-256 | 73cd912b4a74cd25d0860b10e7ac731500637a4876559d8d12e806dc2d99b644
Page 1 of 6
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
The Abortion Clues That Can Hide On Your Phone
Posted Jun 28, 2022

tags | headline, government, privacy
Russia's Killnet Hacker Group Says It Attacked Lithuania
Posted Jun 27, 2022

tags | headline, government, russia, denial of service, cyberwar
Contractor Loses Entire Japanese City's Personal Data In USB Fail
Posted Jun 27, 2022

tags | headline, privacy, data loss, japan
Beijing Probes Security At Academic Journal Database
Posted Jun 27, 2022

tags | headline, government, china, data loss
UK Security Services Must Seek Approval To Access Telecoms Data, Judge Rules
Posted Jun 27, 2022

tags | headline, government, privacy, phone, britain, spyware
NSO Claims More Than 5 EU States Use Pegasus Spyware
Posted Jun 24, 2022

tags | headline, government, phone, israel, spyware, apple
Beijing-Backed Attackers Use Ransomware As Decoy While They Conduct Espionage
Posted Jun 24, 2022

tags | headline, malware, china, cyberwar, spyware
Google Warns Spyware Being Deployed Against Android, iOS
Posted Jun 24, 2022

tags | headline, hacker, malware, phone, google, spyware, apple
Microsoft Compares Russian Hacks Of Ukraine To Assassination That Started World War I
Posted Jun 24, 2022

tags | headline, hacker, government, microsoft, russia, cyberwar, military
Fancy Bear Uses Nuke Threat Lure To Exploit 1-Click Bug
Posted Jun 23, 2022

tags | headline, hacker, malware, russia, flaw
View More News →
packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close