Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.
8cbb2942a45529e4a172b71ddae8cca063120b045162d57ff421c2568ebaf477
Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.
137f4129bf84d136fdaf3188611d5b02c8a2b428fdba539491a493f4dc8dd450
Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.
73cd912b4a74cd25d0860b10e7ac731500637a4876559d8d12e806dc2d99b644
Mobile Security Framework (MobSF) is an all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static and dynamic analysis. It can be used for effective and fast security analysis of Android and iOS Applications and supports both binaries (APK & IPA) and zipped source code. MobSF can also do Web API Security testing with it's API Fuzzer that performs Information Gathering, analyze Security Headers, identify Mobile API specific vulnerabilities like XXE, SSRF, Path Traversal, IDOR, and other logical issues related to Session Management and API Rate Limiting.
9a9189b4d7fe03495edaca2f8d76a9fbb34f18d666bd43cc24ac1ab1a8d428dd
Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.
a5e74466bf5d7a40e44822cdd15c9e5cc024ccc34fa74f8f76dac9b988c0409f
Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.
9d07e5503f96d0d3de861f3ec9ee443ac994d001041bc322b99a98cdf16c1d48
Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.
03aa7a13bfdfe21bdfb285637110b79d655dcbc30dbd9e6d2f05684fd284ab98
Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.
1117d125c5524973efe272843f61fa5ff8e2598f49a747d199c4984330e5d6f2
Mobile Security Framework (MobSF) is an all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static and dynamic analysis. It can be used for effective and fast security analysis of Android and iOS Applications and supports both binaries (APK and IPA) and zipped source code. MobSF can also do Web API Security testing with it's API Fuzzer that performs Information Gathering, analyze Security Headers, identify Mobile API specific vulnerabilities like XXE, SSRF, Path Traversal, IDOR, and other logical issues related to Session Management and API Rate Limiting.
215db863dcdeca863fb174fd724d9d0cdd0c4653f30eb69dab71e49afcaeda6c
ShakeIt is a grammar mutation engine targeting browsers and PDF readers. For a given input, such as a web page or PDF file, and an output location, it will generate N mutated test cases. It was implemented in C#, but can be ported to other languages and is meant to fit within an existing fuzzing framework.
2c0f6f6b21b511449035e2b2b61b08aee0745f3cdf87d7aafc0923f37045eda2
This is a python script that can be used to fuzz PKZip files.
a2bdb33bcb41c294dc85b483289846e5c47e3a42a7557fc3c7123a4a4f56c006
Melkor is an ELF fuzzer that mutates the existing data in an ELF sample given to create orcs (malformed ELFs), however, it does not change values randomly (dumb fuzzing), instead, it fuzzes certain metadata with semi-valid values through the use of fuzzing rules (knowledge base). Written in C, Melkor is a very intuitive and easy-to-use fuzzer to find functional (and security) bugs in ELF parsers.
dd37ddae34290ee552fdb5daee71e308b3ff192171694e83af256441719509d2
xml2 Fuzzer is a fuzzing utility that daemonizes in order to fuzz the client side of a web browser.
6ce1679a18a737f7e82c37dd5a21cc85bfe82165cf1e8c95fb312c29f4e930d0
This is a master TFTP fuzzing script that is part of the ftools series of fuzzers.
755340a7bf126ffa85a75b665f2ab8d8bbce4423a7d9465e50f20688867b3732
This tool is for fuzzing different protocols such as FTP, HTTP, IMAP, and more. It also has no-protocol plugins like a file fuzzer. Written in Python.
874583a408997ba23522c16d137b1b132dcb40cc56646b50321f388166592a45
Simple Fuzz is a simple fuzzer. It has two network modes of operation, an output mode for developing command line fuzzing scripts, as well as taking fuzzing strings from literals and building strings from sequences. It is built to fill a need - the need for a quickly configurable black box testing utility that does not require intimate knowledge of the inner workings of C or require specialized software rigs. The aim is to just provide a simple interface, clear inputs/outputs, and reusability.
a65bb4d048c713dd9ecc4b42b98cc124516fd5c1df19deddfc664476aad7caac
DotDotPwn is a very flexible intelligent fuzzer to discover directory traversal vulnerabilities in software such as Web/FTP/TFTP servers, Web platforms such as CMSs, ERPs,Blogs, etc. Also, it has a protocol-independent module to send the desired payload to the host and port specified. On the other hand, it also could be used in a scripting way using the STDOUT module.
7c954b9db834e02e36acbc4ebda32cfec3049f30d94668702004db28f42c7afe
UniOFuzz is a universal fuzzing tool for browsers, web services, files, programs and network services/ports.
380fc307bd2912319ae5d082144514b94ae7530562d2f08c5340c2bf28993e12
PHP Vulnerability Hunter is a PHP fuzzing tool that scans for several different vulnerabilities by performing dynamic program analysis. It can detect arbitrary command execution, local file inclusion, arbitrary upload, and several other types of vulnerabilities.
3c0e45c995b45ccd06e3e1921ce42b2dc006e7c50ef41f09e35465397971feca
PHP Vulnerability Hunter is a PHP fuzzing tool that scans for several different vulnerabilities by performing dynamic program analysis. It can detect arbitrary command execution, local file inclusion, arbitrary upload, and several other types of vulnerabilities.
9518133a3f1021b40158214497372d472d196b47de6a8109d45d82f46f801c50
SIP Army Knife is a fuzzer that searches for cross site scripting, SQL injection, log injection, format strings, buffer overflows, and more.
4fd73eaa07d985c2b97468b07640cbf674016b6d676e720e5c0ed70b2df09c64
rtspFUZZ is a real time streaming protocol server fuzzer. It uses 6 basic crafting techniques OPTIONS,DESCRIBE,SETUP,PLAY,GET_PARAMETER,TEARDOWN,PAUSE etc rtsp commands and 9 advanced crafting techniques to test any target application. It has the ability to fuzz with Metasploit Pattern (pattern_create.rb) which can be helpful for finding the offset.
b3f05d18dd413771887842b4ada5d866099b1674425ad0bca2f4323f6772668f
PHP Vulnerability Hunter is a PHP fuzzing tool that scans for several different vulnerabilities by performing dynamic program analysis. It can detect arbitrary command execution, local file inclusion, arbitrary upload, and several other types of vulnerabilities.
ceb5c22d39fc6f90b7e680e8c9287c121c4d955d426bab53fde7a92a6c51c13f
FuzzTalk is an XML driven fuzz testing framework that emphasizes easy extensibility and reusability. While most fuzzing frameworks require in depth programming knowledge, FuzzTalk can test a wide range of network protocols with the help of XML templates. Includes scripts for fuzzing HTTP, FTP, and SMTP servers.
6d7aeec133b9386bd209b8716b27fc1d4d48ef3178ef969a9eb75f2172ef6eed
PHP Vulnerability Hunter is a PHP fuzzing tool that scans for several different vulnerabilities by performing dynamic program analysis. It can detect arbitrary command execution, local file inclusion, arbitrary upload, and several other types of vulnerabilities.
add28806781ecf08f8b6dd125cf3fe1ef7b0857f91e72062ae1768273680e1fe