fuzzdb v1.05 - Attack and Discovery Pattern Database

A comprehensive set of fuzzing patterns for discovery and attack during highly targeted brute force testing of web applications.

Fuzzdb is a comprehensive set of known attack pattern sequences to be utilized for intelligent brute force testing in order to rapidly identify exploitable conditions in new applications.

Primary sources used for attack pattern research:

  • researching old web exploits for repeatable attack strings
  • scraping scanner patterns from http logs
  • various books, articles, blog posts, mailing list threads
  • patterns gleaned from other open source fuzzers and pentest tools
  • analysis of default app installs
  • system and application documentation
  • error messages

License is New BSD/ Creative Commons/Attribution.

More information: here

Thank you, to our friend Sebastien Gioria from OWASP to sharing this tool with us.