Powerfuzzer is a highly automated and fully customizable web fuzzer (HTTP protocol based application fuzzer) based on many other Open Source fuzzers available and information gathered from numerous security resources and websites. It was designed to be user-friendly, modern, effective and to work consistently. It is also designed and coded to be modular and extendable, […]
fuzzer
american fuzzy lop – Security Oriented Fuzzing Tool
American fuzzy lop is a security-oriented fuzzing tool that employs a novel type of compile-time instrumentation and genetic algorithms to automatically discover clean, interesting test cases that trigger new internal states in the targeted binary. This substantially improves the functional coverage for the fuzzed code. The compact synthesized corpora produced by the tool are also […]
Dharma – Generation-based Context-free Grammar Fuzzing Tool
Dharma is a tool used to create test cases for fuzzing of structured text inputs, such as markup and script. It takes a custom high-level grammar format as input, and produces random well-formed test cases as output – it can be used as a grammar fuzzing tool. API programming is complex and subtle programming mistakes […]
zzuf – Multi-Purpose Application Input Fuzzing Tool
zzuf is a transparent application input fuzzing tool or fuzzer. Its purpose is to find bugs in applications by corrupting their user-contributed data (which more than often comes from untrusted sources on the Internet). It works by intercepting file and network operations and changing random bits in the program’s input. zzuf’s behaviour is deterministic, making […]
CERT Failure Observation Engine (FOE) – Mutational Fuzzing Tool
The CERT Failure Observation Engine (FOE) is a software testing tool that finds defects in applications that run on the Windows platform. FOE performs mutational fuzzing on software that consumes file input. (Mutational fuzzing is the act of taking well-formed input data and corrupting it in various ways, looking for cases that cause crashes.) The […]