Projects

xmlfuzzer

An XML fuzzing tool. Xmlfuzzer takes XML Scheme on input and returns valid XML document with random data.

sulley

Sulley is a fuzzer development and fuzz testing framework consisting of multiple extensible components. Sulley (IMHO) exceeds the capabilities of most previously published fuzzing technologies, commercial and public domain. The goal of the framework is to simplify not only data representation but to ... [More] simplify data transmission and target monitoring as well. Sulley is affectionately named after the creature from Monsters Inc., because, well, he is fuzzy. Modern day fuzzers are, for the most part, solely focus on data generation. Sulley not only has impressive data generation but has taken this a step further and includes many other important aspects a modern fuzzer should provide. Sulley watches the network and methodically maintains records. Sulley instruments and monitors the health of the target, capable of reverting to a known good state using multiple methods. Sulley detects, tracks and categorizes detected faults. Sulley can fuzz in parallel, significantly increasing test speed. Sulley can automatically determine what unique sequence of test cases trigger faults. Sulley does all this, and more, automatically and without attendance. [Less]

terot

Having a full test suite with good coverage for your large application is an essential tool for maintaining code reliability and programmer sanity, but despite this, many projects still neglect this important aspect of software development. In pondering this programming paradox, I came to ... [More] understand two fundamental axioms of software development: 1. Software developers are pompous *******s who truly believe their code is simply too elegant and efficient to necessitate testing, despite half a century of testament to the contrary and a bulging bug list. 2. Writing unit tests is simply not much fun. Unfortunately, no software tool will ever be capable of bending the average software developer's ridiculously inflated ego, but a tool that can provide a comprehensive test suite without requiring the writing of a single test ... well, at least it's a Turing-computable problem. Terot began life as a project to teach myself the intricacies of Java generics & reflection, but somehow grew into a project that taught me generics and reflection, AND was available for free on Google Code. The basic premise is that by injecting essentially random data into your methods and recording the results, you can identify behavioral changes in your application's logic and predict future problems before they occur. To this end, The Goal of the project is to develop a tool that provides the most generally useful test analysis as possible, while requiring a hard limit of half an hour to set up on a project of arbitrary size. [Less]

jsfuzzer

This fuzzing tool allows fuzzing of events, tags, styles and HTML attributes. You can use incomplete tags with various depth and randomise case of all parameters. It also contains a database of all new attack vectors gathered.

netcicala

securtiy tools

fuzzminder

The goal of this project is to make available tools to help manage speed while driving. If managing speed is a problem, then in the future we hope to add tools and functionality that will alert others as to the whereabouts of red-light cameras, traffic cops, etc. There are several features to be ... [More] implemented, this code was originally used to introduce the Android platform to the St. Louis Gateway JUG. [Less]

webreak

My new security blog @ http://deesec.com/ Webreak is a software designed to perform security audits on web applications. It's the next generation of wfuzz It's main objetives are: Brute force application parameters Finding hidden paths Features: Multiple fuzzing points (in the same ... [More] request) Support multiple threaded attacks Web interface (RIA) Inline encoding/decoding works in *IX systems and Windows. WB is crossBrowser. Currently there aren't SVN repositories for this project because it's in a BETA stage. You can download a BETA release in the following URL: webreak-0.1.1-BETA If you want the latest version download the sources from SVN Just run "webreak.py" !! You only need Python2.5 and PyCurl library. Screenshots: Enjoy it! [Less]

xmpp-fuzzer

We plan to use Smack(a XMPP client library) to create a program used for taking fuzz-testing to XMPP. The programming language is JAVA.

over1ord

一个很囧很猥琐的程序挂钩库

Monkey Fuzz Testing

Monkey Fuzz stress tests an applications User Interface. It pretends to be a "monkey" on the keyboard, sending random button press and mouse events to a program. It is developed in C#