Fusil is a fuzzing framework written in Python and distributed under GNU GPLv2 license. Fusil allows you to easily write “Fuzzing Projects” from a set of functions such as:
- Create a process
- Compile a C program
- Watch a process
- Watch syslog and so on
Fusil uses small “agents” which exchange messages to launch actions. e.g. MangleFile injects errors into valid file (PDF file, AVI movie, JPEG picture etc.). And then Fusil uses generated filename to run a process.
Currently available projects are ClamAV, Firefox (contains an HTTP server), gettext, gstreamer, identify, libc_env, libc_printf, libexif, linux_syscall, mplayer, php, poppler, vim and xterm.
For fuzzing safety, Fusil limits process memory, process priority, only copies a few environment variables, creates a temporary directory used as working directory, etc.
You can download Fusil 0.7 here:
Or read more here.
- Microsoft Zero Day OLE Vuln Being Exploited In Powerpoint
- Everything You Need To Know About POODLE SSLv3 Vulnerability
- OpenVPN Vulnerable To Shellshock Exploit
- Browser Fuzzer 3 (bf3) – Comprehensive Web Browser Fuzzing Tool
- fm-fsf – Freakin’ Simple Fuzzer – Cross Platform Fuzzing Tool
- backfuzz – Multi-Protocol Fuzzing Toolkit (Supports HTTP/FTP/IMAP etc)
Most Read in Exploits/Vulnerabilities:
- Learn to use Metasploit – Tutorials, Docs & Videos - 227,894 views
- AJAX: Is your application secure enough? - 119,154 views
- eEye Launches 0-Day Exploit Tracker - 85,075 views