ARTICLE fuzzdb v1.05 - Attack and Discovery Pattern Database

Monday 19 April 2010 - 886 read - ( Keywords : Attack , Bruteforcers , Fuzzdb , Fuzzers )

A comprehensive set of fuzzing patterns for discovery and attack during highly targeted brute force testing of web applications.

Fuzzdb is a comprehensive set of known attack pattern sequences to be utilized for intelligent brute force testing in order to rapidly identify exploitable conditions in new applications.

Primary sources used for attack pattern research:

- researching old web exploits for repeatable attack strings
- scraping scanner patterns from http logs
- various books, articles, blog posts, mailing list threads
- patterns gleaned from other open source fuzzers and pentest tools
- analysis of default app installs
- system and application documentation
- error messages

License is New BSD/ Creative Commons/Attribution.

More information: here

Thank you, to our friend Sebastien Gioria from OWASP to sharing this tool with us.


POSTSCRIPTUM

Download fuzzdb v1.05


RELATED ARTICLES

Attack, Bruteforcers, Fuzzdb, Fuzzers,

29 April 2010 : Fuzzdb v1.07 released
25 April 2010 : Fuzzdb updated to v1.06
19 April 2010 : fuzzdb v1.05 - Attack and Discovery Pattern Database