Peach is a SmartFuzzer that is capable of performing both generation and mutation based fuzzing. There are typically two methods for producing fuzz data that is sent to a target, Generation or Mutation. Generational fuzzers are capable of building the data being sent based on a data model provided by the fuzzer creator. Sometimes this […]
fuzzing
FuzzDiff – Tool For Fuzzing and Crash Analysis
[ad] FuzzDiff is a simple tool to help make crash analysis during file format fuzzing a bit easier. I’m sure many people have written similar tools for their own purposes, but I haven’t seen any that are publicly available. Hopefully at least one person finds it useful. When provided with a fuzzed file, a corresponding […]
fuzzdb – Comprehensive Set Of Known Attack Sequences
fuzzdb is a comprehensive set of known attack pattern sequences, predictable locations, and error messages for intelligent brute force testing and exploit condition identification of web applications. Many mechanisms of attack used to exploit different web server platforms and applications are triggered by particular meta-characters that are observed in more than one product security advisory. […]
Browser Fuzzer 3 (bf3) – Comprehensive Web Browser Fuzzing Tool
[ad] Browser Fuzzer 3, or bf3, is a comprehensive web browser fuzzer. Browser Fuzzer 3 is designed as a hybrid framework/standalone fuzzer; the modules it uses are extensible but also highly integrated into the core. bf3 can be used via command line to set all necessary flags for each fuzzing operation. After initialization, bf3 creates […]
fzem – MUA (Mail User Agent) / Mail Client Fuzzer
[ad] fzem is a MUA (mail user agent) fuzzer that fuzzes MAIL/MIME email headers as well as how clients handle SMTP, POP and IMAP responses. Purpose fzem’s purpose is to fuzz MUAs as they process email content and handle server reponses. How does it work? fzem has the three main mail protocols implemented as well […]