Section: .. / fuzzer /
| /// File Name: |
wfuzz-1.4.tar.gz |
Description:
|
Wfuzz is a tool designed for bruteforcing Web Applications, it can be used for finding resources not linked (directories, files), bruteforce HEADERS, GET and POST parameters for checking different kind of injections (SQL, XSS, LDAP,etc), bruteforce Forms parameters (User/ Password), Fuzzing, etc.
| | Author: | Carlos del ojo,Christian Martorella | | Homepage: | http://www.edge-security.com/ | | File Size: | 148273 | | Last Modified: | Jan 25 03:29:33 2008 |
| MD5 Checksum: | b42b4449a9dade16c65a2a6928858e51 |
|
| /// File Name: |
pgmfuzz.c |
Description:
|
PGMfuzz is a fuzzer written for identifying vulnerabilities in PGM option parsing implementations.
| | Author: | Varun Uppal,Andy Davis - IRMPLC | | Homepage: | http://www.irmplc.com/ | | File Size: | 12617 | | Last Modified: | Dec 11 23:10:23 2007 |
| MD5 Checksum: | 7c6b0d9d6be1af9843f432ff7d30f6ac |
|
| /// File Name: |
bunny-0.92.tgz |
Description:
|
Bunny the Fuzzer - A closed loop, high-performance, general purpose protocol-blind fuzzer for C programs. Uses compiler-level integration to seamlessly inject precise and reliable instrumentation hooks into the traced program. These hooks enable the fuzzer to receive real-time feedback on changes to the function call path, call parameters, and return values in response to variations in input data. This architecture makes it possible to significantly improve the coverage of the testing process without a noticeable performance impact usually associated with other attempts to peek into run-time internals.
| | Author: | Michal Zalewski | | Homepage: | http://code.google.com/p/bunny-the-fuzzer/ | | Changes: | IPC handling bug fix. | | File Size: | 64537 | | Last Modified: | Nov 8 18:26:21 2007 |
| MD5 Checksum: | 37ee71ac134446b5560d912ea82da562 |
|
| /// File Name: |
bunny-0.91.tgz |
Description:
|
Bunny the Fuzzer - A closed loop, high-performance, general purpose protocol-blind fuzzer for C programs. Uses compiler-level integration to seamlessly inject precise and reliable instrumentation hooks into the traced program. These hooks enable the fuzzer to receive real-time feedback on changes to the function call path, call parameters, and return values in response to variations in input data. This architecture makes it possible to significantly improve the coverage of the testing process without a noticeable performance impact usually associated with other attempts to peek into run-time internals.
| | Author: | Michal Zalewski | | Homepage: | http://code.google.com/p/bunny-the-fuzzer/ | | Changes: | Various bug fixes. | | File Size: | 64412 | | Last Modified: | Nov 7 00:27:22 2007 |
| MD5 Checksum: | 288b17950491878e849c03b3580bdeda |
|
| /// File Name: |
zzuf-0.10.tar.gz |
Description:
|
zzuf is a transparent application input fuzzer. It works by intercepting file operations and changing random bits in the program's input. zzuf's behavior is deterministic, making it easy to reproduce bugs.
| | Author: | Sam Hocevar | | Homepage: | http://sam.zoy.org/zzuf/ | | Changes: | Various code and documentation updates. | | File Size: | 425897 | | Last Modified: | Nov 2 22:38:32 2007 |
| MD5 Checksum: | 2cbaea84c18304df15ef6e74c0fb2d16 |
|
| /// File Name: |
bunny-0.9.tgz |
Description:
|
Bunny the Fuzzer - A closed loop, high-performance, general purpose protocol-blind fuzzer for C programs. Uses compiler-level integration to seamlessly inject precise and reliable instrumentation hooks into the traced program. These hooks enable the fuzzer to receive real-time feedback on changes to the function call path, call parameters, and return values in response to variations in input data. This architecture makes it possible to significantly improve the coverage of the testing process without a noticeable performance impact usually associated with other attempts to peek into run-time internals.
| | Author: | Michal Zalewski | | Homepage: | http://code.google.com/p/bunny-the-fuzzer/ | | File Size: | 63824 | | Last Modified: | Oct 31 18:29:40 2007 |
| MD5 Checksum: | 91dbc29e0ecda883078f012844566bb4 |
|
| /// File Name: |
WAFUTFF.pdf |
Description:
|
Whitepaper entitled "Writing a fuzzer using the Fuzzled framework". The paper includes some of the techniques used to dismantle protocols including documentation, observation and static analysis.
| | Author: | Tim Brown | | Homepage: | http://www.nth-dimension.org.uk/ | | File Size: | 83733 | | Last Modified: | Sep 5 00:45:10 2007 |
| MD5 Checksum: | add66aa7259bcf872fdab3c30ab0c06d |
|
| /// File Name: |
PSA3.zip |
Description:
|
PHP Source Auditor III (or PSA3) was created in order to quickly find vulnerabilities in PHP source code. Written in Perl.
| | Author: | Ironfist | | File Size: | 6768 | | Last Modified: | Jul 27 22:25:48 2007 |
| MD5 Checksum: | dabe3fa7d3c23bfd494f6ae51cc6174e |
|
| /// File Name: |
EFS-PaiMei.zip |
Description:
|
The Evolutionary Fuzzing System (EFS) is a fuzzer that attempts to eliminate traditional fuzzer techniques of building a new fuzzer for each protocol by dynamically learning a protocol using code coverage and other feedback mechanisms.
| | Author: | Jared DeMott | | Homepage: | http://www.vdalabs.com/ | | File Size: | 3685497 | | Last Modified: | Jul 12 21:12:51 2007 |
| MD5 Checksum: | 5a6839d0c5ad756bc27a9c817bda71f9 |
|
| /// File Name: |
GPF.tar.bz2 |
Description:
|
GPF is a fuzzer that provides developers, security researchers, and quality assurance professionals the capability to quickly search for bugs/vulnerabilities in the exposed interface of networked applications. GPF uses captured packet sessions (from libpcap) to construct a protocol description from real traffic. Users can then configure various types of injected faults, manually modify the capture file, and define custom functions to deal with dynamic data.
| | Author: | Jared DeMott | | Homepage: | http://www.vdalabs.com/ | | File Size: | 3696219 | | Last Modified: | Jul 12 21:10:46 2007 |
| MD5 Checksum: | b8bb677fd9a0469bc9eaa6326d892e35 |
|
| /// File Name: |
pyfault-0.1a.zip |
Description:
|
PyFault is a python library for fault injection in Win32 based applications. Currently it implements a DLL injection and ejection mechanism.
| | Author: | JS | | Homepage: | http://vdalabs.com/ | | File Size: | 206092 | | Last Modified: | Jul 11 21:08:40 2007 |
| MD5 Checksum: | 669f7f96cd7973a8f0071dae292c17fe |
|
| /// File Name: |
zzuf-0.9.tar.gz |
Description:
|
zzuf is a transparent application input fuzzer. It works by intercepting file operations and changing random bits in the program's input. zzuf's behavior is deterministic, making it easy to reproduce bugs.
| | Author: | Sam Hocevar | | Homepage: | http://sam.zoy.org/zzuf/ | | File Size: | 422252 | | Last Modified: | Jul 11 03:19:36 2007 |
| MD5 Checksum: | 2c63c33b874877454ef5123c3c964a20 |
|
| /// File Name: |
pff-BETA.tar.gz |
Description:
|
pff (Php Fuzzing Framework) is a tiny tool that was created with the intention of discovering security and general bugs within Php functions.
| | Author: | calcite | | Homepage: | http://setec.org/~calcite/ | | File Size: | 15072 | | Last Modified: | Jul 7 00:35:31 2007 |
| MD5 Checksum: | ebbeca3a8634877abc7341608b0f6c18 |
|
| /// File Name: |
untidy-beta2.tgz |
Description:
|
untidy is general purpose XML Fuzzer. It takes a string representation of a XML as input and generates a set of modified, potentially invalid, XMLs based on the input. It's released under GPL v2 and written in python.
| | Author: | Andres Riancho | | Homepage: | http://untidy.sourceforge.net/ | | File Size: | 9752 | | Last Modified: | Jun 7 01:22:07 2007 |
| MD5 Checksum: | 975159c10cd897f66408cf0b0d4283de |
|
| /// File Name: |
proxyfuzz.py.txt |
Description:
|
ProxyFuzz is a man-in-the-middle non-deterministic network fuzzer written in Python. ProxyFuzz randomly changes (fuzzes) contents on the network traffic. It supports TCP and UDP protocols and can also be configured to fuzz only one side of the communication. ProxyFuzz is protocol agnostic so it can randomly fuzz any network communication.
| | Author: | Rodrigo Marcos | | Homepage: | http://theartoffuzzing.com/ | | File Size: | 5751 | | Last Modified: | Apr 5 02:19:50 2007 |
| MD5 Checksum: | 16335167eec8447d244ca48ab1ae1b2a |
|
| /// File Name: |
Fuzzled-1.0.tar.gz |
Description:
|
Fuzzled is a powerful fuzzing framework. Fuzzled includes helper functions, namespaces, factories which allow a wide variety of fuzzing tools to be developed. Fuzzled comes with several example protocols and drivers for them.
| | Author: | Tim Brown | | Homepage: | http://www.portcullis-security.com/ | | File Size: | 31082 | | Last Modified: | Mar 23 22:03:06 2007 |
| MD5 Checksum: | 4d71849c1f07e89ae4289ac6557e4693 |
|
| /// File Name: |
ospf-ash.txt |
Description:
|
OSPF Attack Shell module. This may be useful for writing fuzzers.
| | Author: | GomoR | | Homepage: | http://www.gomor.org/ | | File Size: | 16249 | | Last Modified: | Mar 20 10:58:35 2007 |
| MD5 Checksum: | efe7b6a9186a91be5e306397d5261439 |
|
| /// File Name: |
Net-Frame-Layer-LLTD-1.00.tar.gz |
Description:
|
LLTD (Link Layer Topology Discovery Protocol) Perl module written using the Net::Frame framework. This may be useful for creating fuzzers.
| | Author: | GomoR | | Homepage: | http://www.gomor.org/ | | File Size: | 10842 | | Last Modified: | Mar 20 10:56:34 2007 |
| MD5 Checksum: | bdb6e393dbf5e3682b0e3f7a0d3b2a44 |
|
| /// File Name: |
zzuf-0.8.1.tar.gz |
Description:
|
zzuf is a transparent application input fuzzer. It works by intercepting file operations and changing random bits in the program's input. zzuf's behavior is deterministic, making it easy to reproduce bugs.
| | Author: | Sam Hocevar | | Homepage: | http://sam.zoy.org/zzuf/ | | File Size: | 419718 | | Last Modified: | Mar 6 00:50:01 2007 |
| MD5 Checksum: | 1970dcf4f77251bea843b0f6ae19231c |
|
| /// File Name: |
jbrofuzz-win32-05.zip |
Description:
|
JBroFuzz is an OWASP Project that emerged from penetration testing. It deals with fuzzing stateless network protocols such as HTTP, SOAP, XML, LDAP, etc. This version is the source code release.
| | Homepage: | http://www.owasp.org/index.php/Category:OWASP_JBroFuzz | | Changes: | Generators are read from file, Removed the jbrf1 file format and using a single txt file, TCP Sniffing gives the ability to launch a browser while sniffing traffic, updated a number of user interface components including the MenuBar, added copy-paste functionality within the application. This version is the executable release. | | File Size: | 1447361 | | Last Modified: | Feb 23 20:57:53 2007 |
| MD5 Checksum: | 6678b115dde95c6db5a410a195609dcc |
|
| /// File Name: |
jbrofuzz-jar-05.zip |
Description:
|
JBroFuzz is an OWASP Project that emerged from penetration testing. It deals with fuzzing stateless network protocols such as HTTP, SOAP, XML, LDAP, etc. This version is the source code release.
| | Homepage: | http://www.owasp.org/index.php/Category:OWASP_JBroFuzz | | Changes: | Generators are read from file, Removed the jbrf1 file format and using a single txt file, TCP Sniffing gives the ability to launch a browser while sniffing traffic, updated a number of user interface components including the MenuBar, added copy-paste functionality within the application. | | File Size: | 1272642 | | Last Modified: | Feb 23 20:57:20 2007 |
| MD5 Checksum: | 6bac2d67331edf3cd7b943929e3db25c |
|
| /// File Name: |
taof-0.3.tgz |
Description:
|
Taof is a GUI cross-platform Python generic network protocol fuzzer. It has been designed for minimizing set-up time during fuzzing sessions and it is especially useful for fast testing of proprietary or undocumented protocols.
| | Author: | Rodrigo Marcos | | Homepage: | http://sourceforge.net/projects/taof | | Changes: | Version 0.3 adds support for fuzzing both TCP and UDP protocols. Moreover, Taof 0.3 aids the monitoring process during fuzzing by the use of an embedded debugger (PyDbg). | | File Size: | 1126400 | | Last Modified: | Feb 6 00:25:49 2007 |
| MD5 Checksum: | 32c86c5f27a66aa583f0b2ce1534afcc |
|
| /// File Name: |
jbrofuzz-0.4-src.zip |
Description:
|
JBroFuzz is an OWASP Project that emerged from penetration testing. It deals with fuzzing stateless network protocols such as HTTP, SOAP, XML, LDAP, etc. This version is the source code release.
| | Homepage: | http://www.owasp.org/index.php/Category:OWASP_JBroFuzz | | Changes: | Generators are read from file, Removed the jbrf1 file format and using a single txt file, TCP Sniffing gives the ability to launch a browser while sniffing traffic, updated a number of user interface components including the MenuBar, added copy-paste functionality within the application. | | File Size: | 217729 | | Last Modified: | Feb 5 23:10:26 2007 |
| MD5 Checksum: | c24a60894f8f97b3f70d40b9280f0768 |
|
| /// File Name: |
jbrofuzz-0.4-exe.zip |
Description:
|
JBroFuzz is an OWASP Project that emerged from penetration testing. It deals with fuzzing stateless network protocols such as HTTP, SOAP, XML, LDAP, etc. This version is the Win32 executable release.
| | Homepage: | http://www.owasp.org/index.php/Category:OWASP_JBroFuzz | | Changes: | Generators are read from file, Removed the jbrf1 file format and using a single txt file, TCP Sniffing gives the ability to launch a browser while sniffing traffic, updated a number of user interface components including the MenuBar, added copy-paste functionality within the application. | | File Size: | 606228 | | Last Modified: | Feb 5 23:10:05 2007 |
| MD5 Checksum: | 573e8bb3daaf2fe482465197ac0c6148 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
