Section: .. / fuzzer /
| /// File Name: |
tmin-0.04.tar.gz |
Description:
|
tmin is a quick and simple tool to minimize the size and syntax of complex test cases in automated security testing. It is meant specifically for dealing with unknown or complex data formats (without the need to tokenize and re-serialize testcases), and for easy integration with UI testing harnesses.
| | Author: | Michal Zalewski | | Homepage: | http://code.google.com/p/tmin/ | | File Size: | 11336 | | Last Modified: | Jun 19 18:23:25 2008 |
| MD5 Checksum: | ec8d0047b0441cd963979080d427c0bd |
|
| /// File Name: |
zzuf-0.12.tar.gz |
Description:
|
zzuf is a transparent application input fuzzer. It works by intercepting file operations and changing random bits in the program's input. zzuf's behavior is deterministic, making it easy to reproduce bugs.
| | Author: | Sam Hocevar | | Homepage: | http://sam.zoy.org/zzuf/ | | Changes: | Finished the libzzuf manual page, a crash, and some other bugs. | | File Size: | 446043 | | Last Modified: | Jun 13 19:14:01 2008 |
| MD5 Checksum: | 39f97432b02e358cdf2915f844ee3106 |
|
| /// File Name: |
bunny-0.93.tgz |
Description:
|
Bunny the Fuzzer - A closed loop, high-performance, general purpose protocol-blind fuzzer for C programs. Uses compiler-level integration to seamlessly inject precise and reliable instrumentation hooks into the traced program. These hooks enable the fuzzer to receive real-time feedback on changes to the function call path, call parameters, and return values in response to variations in input data. This architecture makes it possible to significantly improve the coverage of the testing process without a noticeable performance impact usually associated with other attempts to peek into run-time internals.
| | Author: | Michal Zalewski | | Homepage: | http://code.google.com/p/bunny-the-fuzzer/ | | Changes: | Bug fix release. | | File Size: | 64575 | | Last Modified: | May 22 19:44:45 2008 |
| MD5 Checksum: | 95fac3531bf5b64e20aab748278c2129 |
|
| /// File Name: |
zzuf-0.11.tar.gz |
Description:
|
zzuf is a transparent application input fuzzer. It works by intercepting file operations and changing random bits in the program's input. zzuf's behavior is deterministic, making it easy to reproduce bugs.
| | Author: | Sam Hocevar | | Homepage: | http://sam.zoy.org/zzuf/ | | Changes: | Minor memory and speed optimizations. | | File Size: | 440335 | | Last Modified: | May 19 19:11:53 2008 |
| MD5 Checksum: | bcb727ffb2af3574d22f8c5768f95490 |
|
| /// File Name: |
sqlfuzzer.py.txt |
Description:
|
SQL Injector version 1.0 is a fuzzing utility written in Python.
| | Author: | Beenu Arora | | File Size: | 775 | | Last Modified: | May 15 04:17:36 2008 |
| MD5 Checksum: | 30658df42570e5cc8bf5a21363643df6 |
|
| /// File Name: |
xsschecker.py.txt |
Description:
|
Cross site scripting fuzzing utility written in Python.
| | Author: | Beenu Arora | | File Size: | 1945 | | Last Modified: | May 15 04:16:34 2008 |
| MD5 Checksum: | 87e7d424c10d56a7fc8c08dc5f96dc2a |
|
| /// File Name: |
tmin-0.03.tar.gz |
Description:
|
tmin is a quick and simple tool to minimize the size and syntax of complex test cases in automated security testing. It is meant specifically for dealing with unknown or complex data formats (without the need to tokenize and re-serialize testcases), and for easy integration with UI testing harnesses.
| | Author: | Michal Zalewski | | Homepage: | http://code.google.com/p/tmin/ | | File Size: | 11319 | | Last Modified: | Apr 28 18:38:32 2008 |
| MD5 Checksum: | 403793ec22c6d0f7675c87cce652edd3 |
|
| /// File Name: |
syslog-fuzzer.txt |
Description:
|
Syslog Fuzzer is a small perl script tool that is useful for testing some attack vectors against syslog servers. It has support for buffer/integer overflows and format string vulnerabilities.
| | Author: | Jaime Blasco | | Homepage: | http://www.aitsec.com/syslog-fuzzer.php | | File Size: | 4063 | | Last Modified: | Apr 8 22:49:48 2008 |
| MD5 Checksum: | 7a282e1f7d9772d3b3cb116e108c966c |
|
| /// File Name: |
wfuzz-1.4.tar.gz |
Description:
|
Wfuzz is a tool designed for bruteforcing Web Applications, it can be used for finding resources not linked (directories, files), bruteforce HEADERS, GET and POST parameters for checking different kind of injections (SQL, XSS, LDAP,etc), bruteforce Forms parameters (User/ Password), Fuzzing, etc.
| | Author: | Carlos del ojo, Christian Martorella | | Homepage: | http://www.edge-security.com/ | | File Size: | 148273 | | Last Modified: | Jan 25 03:29:33 2008 |
| MD5 Checksum: | b42b4449a9dade16c65a2a6928858e51 |
|
| /// File Name: |
pgmfuzz.c |
Description:
|
PGMfuzz is a fuzzer written for identifying vulnerabilities in PGM option parsing implementations.
| | Author: | Varun Uppal, Andy Davis | | Homepage: | http://www.irmplc.com/ | | File Size: | 12617 | | Last Modified: | Dec 11 23:10:23 2007 |
| MD5 Checksum: | 7c6b0d9d6be1af9843f432ff7d30f6ac |
|
| /// File Name: |
bunny-0.92.tgz |
Description:
|
Bunny the Fuzzer - A closed loop, high-performance, general purpose protocol-blind fuzzer for C programs. Uses compiler-level integration to seamlessly inject precise and reliable instrumentation hooks into the traced program. These hooks enable the fuzzer to receive real-time feedback on changes to the function call path, call parameters, and return values in response to variations in input data. This architecture makes it possible to significantly improve the coverage of the testing process without a noticeable performance impact usually associated with other attempts to peek into run-time internals.
| | Author: | Michal Zalewski | | Homepage: | http://code.google.com/p/bunny-the-fuzzer/ | | Changes: | IPC handling bug fix. | | File Size: | 64537 | | Last Modified: | Nov 8 18:26:21 2007 |
| MD5 Checksum: | 37ee71ac134446b5560d912ea82da562 |
|
| /// File Name: |
bunny-0.91.tgz |
Description:
|
Bunny the Fuzzer - A closed loop, high-performance, general purpose protocol-blind fuzzer for C programs. Uses compiler-level integration to seamlessly inject precise and reliable instrumentation hooks into the traced program. These hooks enable the fuzzer to receive real-time feedback on changes to the function call path, call parameters, and return values in response to variations in input data. This architecture makes it possible to significantly improve the coverage of the testing process without a noticeable performance impact usually associated with other attempts to peek into run-time internals.
| | Author: | Michal Zalewski | | Homepage: | http://code.google.com/p/bunny-the-fuzzer/ | | Changes: | Various bug fixes. | | File Size: | 64412 | | Last Modified: | Nov 7 00:27:22 2007 |
| MD5 Checksum: | 288b17950491878e849c03b3580bdeda |
|
| /// File Name: |
zzuf-0.10.tar.gz |
Description:
|
zzuf is a transparent application input fuzzer. It works by intercepting file operations and changing random bits in the program's input. zzuf's behavior is deterministic, making it easy to reproduce bugs.
| | Author: | Sam Hocevar | | Homepage: | http://sam.zoy.org/zzuf/ | | Changes: | Various code and documentation updates. | | File Size: | 425897 | | Last Modified: | Nov 2 22:38:32 2007 |
| MD5 Checksum: | 2cbaea84c18304df15ef6e74c0fb2d16 |
|
| /// File Name: |
bunny-0.9.tgz |
Description:
|
Bunny the Fuzzer - A closed loop, high-performance, general purpose protocol-blind fuzzer for C programs. Uses compiler-level integration to seamlessly inject precise and reliable instrumentation hooks into the traced program. These hooks enable the fuzzer to receive real-time feedback on changes to the function call path, call parameters, and return values in response to variations in input data. This architecture makes it possible to significantly improve the coverage of the testing process without a noticeable performance impact usually associated with other attempts to peek into run-time internals.
| | Author: | Michal Zalewski | | Homepage: | http://code.google.com/p/bunny-the-fuzzer/ | | File Size: | 63824 | | Last Modified: | Oct 31 18:29:40 2007 |
| MD5 Checksum: | 91dbc29e0ecda883078f012844566bb4 |
|
| /// File Name: |
WAFUTFF.pdf |
Description:
|
Whitepaper entitled "Writing a fuzzer using the Fuzzled framework". The paper includes some of the techniques used to dismantle protocols including documentation, observation and static analysis.
| | Author: | Tim Brown | | Homepage: | http://www.nth-dimension.org.uk/ | | File Size: | 83733 | | Last Modified: | Sep 5 00:45:10 2007 |
| MD5 Checksum: | add66aa7259bcf872fdab3c30ab0c06d |
|
| /// File Name: |
PSA3.zip |
Description:
|
PHP Source Auditor III (or PSA3) was created in order to quickly find vulnerabilities in PHP source code. Written in Perl.
| | Author: | Ironfist | | File Size: | 6768 | | Last Modified: | Jul 27 22:25:48 2007 |
| MD5 Checksum: | dabe3fa7d3c23bfd494f6ae51cc6174e |
|
| /// File Name: |
EFS-PaiMei.zip |
Description:
|
The Evolutionary Fuzzing System (EFS) is a fuzzer that attempts to eliminate traditional fuzzer techniques of building a new fuzzer for each protocol by dynamically learning a protocol using code coverage and other feedback mechanisms.
| | Author: | Jared DeMott | | Homepage: | http://www.vdalabs.com/ | | File Size: | 3685497 | | Last Modified: | Jul 12 21:12:51 2007 |
| MD5 Checksum: | 5a6839d0c5ad756bc27a9c817bda71f9 |
|
| /// File Name: |
GPF.tar.bz2 |
Description:
|
GPF is a fuzzer that provides developers, security researchers, and quality assurance professionals the capability to quickly search for bugs/vulnerabilities in the exposed interface of networked applications. GPF uses captured packet sessions (from libpcap) to construct a protocol description from real traffic. Users can then configure various types of injected faults, manually modify the capture file, and define custom functions to deal with dynamic data.
| | Author: | Jared DeMott | | Homepage: | http://www.vdalabs.com/ | | File Size: | 3696219 | | Last Modified: | Jul 12 21:10:46 2007 |
| MD5 Checksum: | b8bb677fd9a0469bc9eaa6326d892e35 |
|
| /// File Name: |
pyfault-0.1a.zip |
Description:
|
PyFault is a python library for fault injection in Win32 based applications. Currently it implements a DLL injection and ejection mechanism.
| | Author: | JS | | Homepage: | http://vdalabs.com/ | | File Size: | 206092 | | Last Modified: | Jul 11 21:08:40 2007 |
| MD5 Checksum: | 669f7f96cd7973a8f0071dae292c17fe |
|
| /// File Name: |
zzuf-0.9.tar.gz |
Description:
|
zzuf is a transparent application input fuzzer. It works by intercepting file operations and changing random bits in the program's input. zzuf's behavior is deterministic, making it easy to reproduce bugs.
| | Author: | Sam Hocevar | | Homepage: | http://sam.zoy.org/zzuf/ | | File Size: | 422252 | | Last Modified: | Jul 11 03:19:36 2007 |
| MD5 Checksum: | 2c63c33b874877454ef5123c3c964a20 |
|
| /// File Name: |
pff-BETA.tar.gz |
Description:
|
pff (Php Fuzzing Framework) is a tiny tool that was created with the intention of discovering security and general bugs within Php functions.
| | Author: | calcite | | Homepage: | http://setec.org/~calcite/ | | File Size: | 15072 | | Last Modified: | Jul 7 00:35:31 2007 |
| MD5 Checksum: | ebbeca3a8634877abc7341608b0f6c18 |
|
| /// File Name: |
untidy-beta2.tgz |
Description:
|
untidy is general purpose XML Fuzzer. It takes a string representation of a XML as input and generates a set of modified, potentially invalid, XMLs based on the input. It's released under GPL v2 and written in python.
| | Author: | Andres Riancho | | Homepage: | http://untidy.sourceforge.net/ | | File Size: | 9752 | | Last Modified: | Jun 7 01:22:07 2007 |
| MD5 Checksum: | 975159c10cd897f66408cf0b0d4283de |
|
| /// File Name: |
proxyfuzz.py.txt |
Description:
|
ProxyFuzz is a man-in-the-middle non-deterministic network fuzzer written in Python. ProxyFuzz randomly changes (fuzzes) contents on the network traffic. It supports TCP and UDP protocols and can also be configured to fuzz only one side of the communication. ProxyFuzz is protocol agnostic so it can randomly fuzz any network communication.
| | Author: | Rodrigo Marcos | | Homepage: | http://theartoffuzzing.com/ | | File Size: | 5751 | | Last Modified: | Apr 5 02:19:50 2007 |
| MD5 Checksum: | 16335167eec8447d244ca48ab1ae1b2a |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
