Tags : Browse Projects

Select a tag to browse associated projects and drill deeper into the tag cloud.

zzuf

Compare

  Analyzed over 1 year ago

zzuf is a transparent application input fuzzer. Its purpose is to find bugs in applications by corrupting their user-contributed data (which more than often comes from untrusted sources on the Internet). It works by intercepting file and network operations and changing random bits in the program’s ... [More] input. zzuf’s behaviour is deterministic, making it easier to reproduce bugs. [Less]

-80 lines of code

0 current contributors

almost 3 years since last commit

6 users on Open Hub

Activity Not Available
5.0
 
I Use This

American fuzzy lop

Compare

  Analyzed 8 days ago

American fuzzy lop is a fuzzer that uses compile-time instrumentation and genetic algorithms. It can perform fuzzing with high code coverage in an efficient way, and with essentially no configuration.

9.63K lines of code

1 current contributors

about 1 month since last commit

2 users on Open Hub

Very Low Activity
0.0
 
I Use This

WinAppDbg module for Python

Compare

  Analyzed 8 months ago

The WinAppDbg python module allows developers to quickly code instrumentation scripts in Python under a Windows environment. It uses ctypes to wrap many Win32 API calls related to debugging, and provides an object-oriented abstraction layer to manipulate threads, libraries and processes, attach ... [More] your script as a debugger, trace execution, hook API calls, handle events in your debugee and set breakpoints of different kinds (code, hardware and memory). Additionally it has no native code at all, making it easier to maintain or modify than other debuggers on Windows. [Less]

27.8K lines of code

0 current contributors

almost 4 years since last commit

1 users on Open Hub

Activity Not Available
5.0
 
I Use This
Licenses: No declared licenses

xmlfuzzer

Compare

  No analysis available

An XML fuzzing tool. Xmlfuzzer takes XML Scheme on input and returns valid XML document with random data.

0 lines of code

0 current contributors

0 since last commit

1 users on Open Hub

Activity Not Available
0.0
 
I Use This
Mostly written in language not available
Licenses: GPL-2.0+

Fusil

Compare

  Analyzed 25 days ago

Fusil project is a fuzzing program. Today, it's specific to Linux command line program, but the code is designed to be used with any project type (remote process, fake HTTP server, fuzz network socket, etc.). New Fusil implementation is now based on multi-agent system instead monolithic architecture.

9.39K lines of code

0 current contributors

over 1 year since last commit

1 users on Open Hub

Very Low Activity
5.0
 
I Use This

quefuzz

Compare

  No analysis available

Updates - May 2009QueFuzz is outdated, I have replaced it with QueRub which you can read more about here. STOP QueFuzz is old, read the text above this! QueFuzz is a small fuzzer that uses libnetfilter_queue to take in packets from iptables. It's fuzzing engine reads a small template file and ... [More] fuzzes the packets as you requested. QueFuzz has a very short learning curve, unlike many other fuzzing frameworks. It may not be as powerful but you can have it up and fuzzing in under a minute. Unlike other fuzzers, QueFuzz is not focused on data generation. It relies on a valid application to generate the data and instead just mutates the network traffic inline and passes it on. Heres an a quick how-to: 1. Setup an iptables rule that queues all outgoing packets with a TCP destination port of 80. iptables -A OUTPUT -p tcp --dport 80 -j QUEUE 2. Start QueFuzz with an HTTP template that looks like this $ cat http.fuz quefuzz HTTP { ip_src (192.168.4.3) ip_dst (192.168.4.2) replace (AAAA) (BBBB) replace (GET /index.html) (GET /../../../../) replace (Content-Length: 90) (Content-Length: -1) replace (User-Agent: Mozilla) (User-Agent: Moz%n%n) binary_replace (04050f) (616263) fuzz_word (Content-Length) random_binary random_ascii random_depth 2 } $./quefuzz -t http.fuz -v -f3. Open your HTTP browser, and connect to your server at 192.168.4.2 as normal. QueFuzz takes care of the packet mutation inline, all you have to do is monitor your server or client with a debugger for any potential crashes. (The example template has all keywords used) QueFuzz can obviously be used in the opposite direction. You can fuzz your client using your server. It doesn't care what direction the traffic is going. Its not as in-depth as some of the better fuzzing frameworks out there like Sulley or Spike, but it gets the job done. Heres a basic flow chart of how it works: http://em386.blogspot.com | http://chris.rohlf.googlepages.com/index.html [Less]

0 lines of code

0 current contributors

0 since last commit

0 users on Open Hub

Activity Not Available
0.0
 
I Use This
Mostly written in language not available
Licenses: GPL-2.0+

Bendy Bus

Compare

  Analyzed over 2 years ago

Bendy Bus is a system to mock up parts of D-Bus server–client systems in order to test the other parts. It allows fuzz and unit testing of D-Bus clients by simulating the corresponding D-Bus servers. Simulations are written in a simple FSM-based language.

21K lines of code

0 current contributors

about 5 years since last commit

0 users on Open Hub

Activity Not Available
0.0
 
I Use This
Licenses: CC-BY-SA-3.0, GPL-3.0+

Chaos HTTP Proxy

Compare

  Analyzed 11 days ago

Introduce failures into HTTP requests via a proxy server

1.47K lines of code

0 current contributors

over 1 year since last commit

0 users on Open Hub

Very Low Activity
0.0
 
I Use This

ws-fuzzer

Compare

  No analysis available

Fuzzing of WebServices. Features: gui, input definition(per parameter), test case generatiion, filter of results, ...

0 lines of code

0 current contributors

0 since last commit

0 users on Open Hub

Activity Not Available
0.0
 
I Use This
Mostly written in language not available
Licenses: Apache-2.0

garble

Compare

  Analyzed over 1 year ago

Utility for corrupting perfectly good files. Used for fuzz testing.

30 lines of code

0 current contributors

about 10 years since last commit

0 users on Open Hub

Activity Not Available
0.0
 
I Use This
Tags fuzzing