fm-fsf – Freakin’ Simple Fuzzer – Cross Platform Fuzzing Tool

Use Netsparker


fm-fsf is a new fuzzer/data scraper that works under OSX, Linux (with Mono) and Windows (.NET Framework). Fuzzing tools are always useful if you are looking at discovering some new flaws in a software or web service.

Quick Info

FSF is a plug-in based freakin’ simple fuzzer for fuzzing web applications and scraping data.

It supports some basic stuff and is missing some features however it has got some advanced RegEx capturing features for scraping data out of web applications.

It’s still in early stage of development so don’t expect too much.

Why bring yet another fuzzer into this cruel world?

The author was trying to fuzz something and after spending about 2-3 hours about 3-4 different terribly designed fuzzers he thought knocking up his own would be better.

Don’t use if you….

  • Want a fuzzer where you can control the raw HTTP request
  • Need some crazy features such as fuzzing multiple locations at a time

Use if you need a fuzzer…

  • That allows to take advantage of RegEx with the full power for scraping data (this is quite useful while exploiting SQL Injections, gathering data, looking for some hidden resource or trying to enumerate all valid “user id”s)
  • Simple to run and easy to use
  • Which makes it easy to write your own fuzzing modules
  • With simple and compact .NET code

You can download fm-fsf here:

FSF-7.1.0.0.tar.gz

Or read more here.

Posted in: Exploits/Vulnerabilities, Hacking Tools, Secure Coding

, , , , , ,


Latest Posts:


Intercepter-NG - Android App For Hacking Intercepter-NG – Android App For Hacking
Intercepter-NG is a multi functional network toolkit including an Android app for hacking, the main purpose is to recover interesting data from the network stream and perform different kinds of MiTM attacks.
dcipher - Online Hash Cracking Using Rainbow & Lookup Tables dcipher – Online Hash Cracking Using Rainbow & Lookup Tables
dcipher is a JavaScript-based online hash cracking tool to decipher hashes using online rainbow & lookup table attack services.
HTTP Security Considerations - An Introduction To HTTP Basics HTTP Security Considerations – An Introduction To HTTP Basics
HTTP is ubiquitous now with pretty much everything being powered by an API, a web application or some kind of cloud-based HTTP driven infrastructure. With that HTTP Security becomes paramount and to secure HTTP you have to understand it.
Cangibrina - Admin Dashboard Finder Tool Cangibrina – Admin Dashboard Finder Tool
Cangibrina is a Python-based multi platform admin dashboard finder tool which aims to obtain the location of website dashboards by using brute-force, wordlists etc.
Enumall - Subdomain Discovery Using Recon-ng & AltDNS Enumall – Subdomain Discovery Using Recon-ng & AltDNS
Enumall is a Python-based tool that helps you do subdomain discovery using only one command by combining the abilities of Recon-ng and AltDNS.
RidRelay - SMB Relay Attack For Username Enumeration RidRelay – SMB Relay Attack For Username Enumeration
RidRelay is a Python-based tool to enumerate usernames on a domain where you have no credentials by using a SMB Relay Attack with low privileges.


Comments are closed.