Select a tag to browse associated projects and drill deeper into the tag cloud.
zzuf is a transparent application input fuzzer. Its purpose is to find bugs in applications by corrupting their user-contributed data (which more than often comes from untrusted sources on the Internet). It works by intercepting file and network operations and changing random bits in the program’s ... [More]
Fusil project is a fuzzing program. Today, it's specific to Linux command line program, but the code is designed to be used with any project type (remote process, fake HTTP server, fuzz network socket, etc.). New Fusil implementation is now based on multi-agent system instead monolithic architecture.
An XML fuzzing tool. Xmlfuzzer takes XML Scheme on input and returns valid XML document with random data.
The WinAppDbg python module allows developers to quickly code instrumentation scripts in Python under a Windows environment. It uses ctypes to wrap many Win32 API calls related to debugging, and provides an object-oriented abstraction layer to manipulate threads, libraries and processes, attach ... [More]
Sulley is a fuzzer development and fuzz testing framework consisting of multiple extensible components. Sulley (IMHO) exceeds the capabilities of most previously published fuzzing technologies, commercial and public domain. The goal of the framework is to simplify not only data representation but to ... [More]
SpaceMonkey is a Web application auditing tool. It can detect bugs or security flaws without using a knowledge database. It uses fault injection technics ('fuzzing') in order to reveal the flaws (SQL injection, XSS, File inclusion, command execution ).
Bunny the FuzzerA closed loop, high-performance, general purpose protocol-blind fuzzer for C programs. Uses compiler-level integration to seamlessly inject precise and reliable instrumentation hooks into the traced program. These hooks enable the fuzzer to receive real-time feedback on changes to ... [More]
tminA quick and simple tool to minimize the size and syntax of complex test cases in automated security testing. The tool is somewhat related to delta, a more featured general-purpose optimizer - but is meant specifically for dealing with unknown or complex data formats (without the need to ... [More]
Fuzzing of WebServices. Features: gui, input definition(per parameter), test case generatiion, filter of results, ...