Category Fuzzers

Fuzzdb v1.07 released

A comprehensive set of fuzzing patterns for discovery and attack during highly targeted brute force testing of web applications.

Read More

Fuzzdb updated to v1.06

A comprehensive set of fuzzing patterns for discovery and attack during highly targeted brute force testing of web applications.

Read More

fuzzdb v1.05 - Attack and Discovery Pattern Database

A comprehensive set of fuzzing patterns for discovery and attack during highly targeted brute force testing of web applications.

Read More

JBroFuzz v2.1 released

JBroFuzz is a web application fuzzer for requests being made over HTTP and/or HTTPS. Its purpose is to provide a single, portable application that offers stable web protocol fuzzing capabilities.

Read More

Peach Fuzzer Framework v2.3.4 released

Peach is a cross-platform fuzzing framework. Its main goals include short development time, code reuse, ease of use, and flexibility. It can fuzz just about anything, including COM/ActiveX, SQL, shared libraries and DLLs, network applications, and the Web.
Tags

Read More

Netsparker author released Freakin’ Simple Fuzzer v0.7.3.5

FSF is a plug-in based freakin’ simple fuzzer for fuzzing web applications and scraping data. It supports some basic stuff and missing some features however it has got some advanced RegEx capturing features for scraping data out of web applications.

Read More

iExploder v1.5 - Web Browser Quality Assurance Tester

iExploder is like a fire hydrant full of bad HTML and CSS code to test the stability and security of web browsers. Available as a standalone webserver or CGI script, it continuously feeds browsers bad data in the hope that they will eventually crash. It is designed to run for hours, or even days until the browser crashes.

Read More

JBroFuzz v2.0 released

JBroFuzz is a web application fuzzer for requests being made over HTTP and/or HTTPS. Its purpose is to provide a single, portable application that offers stable web protocol fuzzing capabilities.

Read More

Eclipse HTTP Client (HTTP4e) v3.0 available

Eclipse HTTP Client (HTTP4e) is an Eclipse plugin formaking HTTP and RESTful calls. Build with user experience in mind, it simplifies the developer/QA job of testing Web Services, REST, JSON and HTTP. It is a useful tool for your daily job of HTTP header tampering and hacking.

Read More

Browser Rider v20090204 released

Browser Rider is a hacking framework to build payloads that exploit the browser. The project aims to provide a powerful, simple and flexible interface to any client side exploit.

Read More

Browser Fuzzer v3 released

Browser Fuzzer 3 (bf3) is a comprehensive web browser fuzzer that fuzzes CSS, DOM, HTML and JavaScript.

Read More

JBroFuzz v1.8 released

JBroFuzz is a web application fuzzer for requests being made over HTTP and/or HTTPS. Its purpose is to provide a single, portable application that offers stable web protocol fuzzing capabilities.

Read More

Eclipse HTTP Client (HTTP4e) v2.0 available

Eclipse HTTP Client (HTTP4e) is an Eclipse plugin formaking HTTP and RESTful calls. Build with user experience in mind, it simplifies the developer/QA job of testing Web Services, REST, JSON and HTTP. It is a useful tool for your daily job of HTTP header tampering and hacking.

Read More

JBroFuzz v1.6 released

JBroFuzz is a web application fuzzer for requests being made over HTTP and/or HTTPS. Its purpose is to provide a single, portable application that offers stable web protocol fuzzing capabilities.

Read More

MiniFuzz File Fuzzer v0.1

MiniFuzz is a basic testing tool designed to help detect code flaws that may expose security vulnerabilities in file-handling code.

Read More

Fusil the fuzzer v1.2 released

Fusil the fuzzer is a Python library used to write fuzzing programs. It helps to start process with a prepared environment (limit memory, environment variables, redirect stdout, etc.), start network client or server, and create mangled files. Fusil has many probes to detect program crash: watch process exit code, watch process stdout and syslog for text patterns (eg. "segmentation fault"), watch session duration, watch cpu usage (process and system load), etc.

Read More

Browser Rider v20081124 : Framework for hacking browsers

“Browser Rider†is a hacking framework to build payloads that exploit the browser. The project aims to provide a powerful, simple and flexible interface to any client side exploit.

Read More

MultiInjector v0.3 released

MultiInjector claims to the first configurable automatic website
defacement software.

Read More

VoIPER v0.07 released

VoIPER is a security toolkit that aims to allow developers and security researchers to easily, extensively and automatically test VoIP devices for security vulnerabilties. It incorporates a fuzzing suite built on the Sulley fuzzing framework, a SIP torturer tool based on RFC 4475 and a variety of auxilliary modules to assist in crash detection and debugging

Read More

Fusil the fuzzer 1.0 beta3 available

Fusil the fuzzer is a Python library used to write fuzzing programs. It helps to start process with a prepared environment (limit memory, environment variables, redirect stdout, etc.), start network client or server, and create mangled files. Fusil has many probes to detect program crash: watch process exit code, watch process stdout and syslog for text patterns (eg. "segmentation fault"), watch session duration, watch cpu usage (process and system load), etc.

Read More