ProxyFuzz – MITM Network Fuzzer in Python


ProxyFuzz is a man-in-the-middle non-deterministic network fuzzer written in Python. ProxyFuzz randomly changes (fuzzes) contents on the network traffic. It supports TCP and UDP protocols and can also be configured to fuzz only one side of the communication. ProxyFuzz is protocol agnostic so it can randomly fuzz any network communication.

ProxyFuzz is a good tool for quickly testing network protocols and provide with basic proof of concepts. Using this tool you will be amazed by the poor quality of software and you will see clients and servers dying upon unexpected input, just be prepared to see the very weird behaviours.

Syntax of ProxyFuzz:

A demo of ProxyFuzz is available here.

The video shows ProxyFuzz proxying traffic between a VMWare Console and a VMWare Server. This is just a dumb example of the things you can do with this tool.

Download ProxyFuzz 0.1 Source Code

Download ProxyFuzz 0.1 Windows Binary

Or read more here.

Posted in: Hacking Tools, Networking Hacking Tools

, , , , , ,


Latest Posts:


Socialscan - Command-Line Tool To Check For Email And Social Media Username Usage Socialscan – Command-Line Tool To Check For Email And Social Media Username Usage
socialscan is an accurate command-line tool to check For email and social media username usage on online platforms, given an email address or username,
CFRipper - CloudFormation Security Scanning & Audit Tool CFRipper – CloudFormation Security Scanning & Audit Tool
CFRipper is a Python-based Library and CLI security analyzer that functions as an AWS CloudFormation security scanning and audit tool
CredNinja - Test Credential Validity of Dumped Credentials or Hashes CredNinja – Test Credential Validity of Dumped Credentials or Hashes
CredNinja is a tool to quickly test credential validity of dumped credentials (or hashes) across an entire network or domain very efficiently.
assetfinder - Find Related Domains and Subdomains assetfinder – Find Related Domains and Subdomains
assetfinder is a Go-based tool to find related domains and subdomains that are related to a given domain from a variety of sources including Facebook and more.
Karkinos - Beginner Friendly Penetration Testing Tool Karkinos – Beginner Friendly Penetration Testing Tool
Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a 'Swiss Army Knife' for pen-testing and/or hacking CTF's.
Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.


3 Responses to ProxyFuzz – MITM Network Fuzzer in Python

  1. dre June 27, 2007 at 10:39 pm #

    interesting. proxy fuzzing is a heuristic-based dissection technique used to automate or improve the performance of fuzz testing. it is not widely known or talked about, but is probably one of the best ways to improve fuzz testing results, especially in a pure black-box scenario (iow: lacking the capability to go gray box via reverse engineering through static binary or bytecode analysis).

    when i first saw this post, i was thinking that proxyfuzzer, a tool by cody pierce of dvlabs (tippingpoint) was released. this tool goes further than ProxyFuzz because it does automatic mutation of plain-text fields. the internal tippingpoint version probably also does binary data, thus being able to change TLV and static values which could mess with parsers on either end of the connection.

    proxy fuzzer (and tons of other new tools) will be available on the fuzzing.org website once it goes live. there were a few things up there the other day, but now it’s password protected for some reason.

  2. Darknet June 29, 2007 at 8:26 am #

    Interesting info dre, I’ll keep an eye on fuzzing.org. http://theartoffuzzing.com/ is currently a good resource too.

  3. Daniel June 30, 2007 at 12:23 am #

    Darknet, i think you should make dre’s comment into a post. It was interesting.