{"id":2678,"date":"2010-04-27T11:34:40","date_gmt":"2010-04-27T10:34:40","guid":{"rendered":"https:\/\/www.darknet.org.uk\/?p=2678"},"modified":"2015-09-09T19:37:36","modified_gmt":"2015-09-09T11:37:36","slug":"fuzzdb-comprehensive-set-of-known-attack-sequences","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2010\/04\/fuzzdb-comprehensive-set-of-known-attack-sequences\/","title":{"rendered":"fuzzdb &#8211; Comprehensive Set Of Known Attack Sequences"},"content":{"rendered":"<p>fuzzdb is a comprehensive set of known attack pattern sequences, predictable locations, and error messages for intelligent brute force testing and exploit condition identification of web applications.<\/p>\n<p>Many mechanisms of attack used to exploit different web server platforms and applications are triggered by particular meta-characters that are observed in more than one product security advisory. fuzzdb is a database attack patterns known to have caused exploit conditions in the past, categorized by attack type, platform, and application.<\/p>\n<p>Because of the popularity of a small number of server types, platforms, and package formats, resources such as logfiles and administrative directories are typically located in a small number of predictable locations. A comprehensive database of these, sorted by platform type, makes brute force fuzz testing a scalpel-like approach.<\/p>\n<p>Since system errors contain predictable strings, fuzzdb contains lists of error messages to be pattern matched against server output in order to aid detection software security defects.<\/p>\n<p>Primary sources used for attack pattern research:<\/p>\n<ul>\n<li>researching old web exploits for repeatable attack strings<\/li>\n<li>scraping scanner patterns from http logs<\/li>\n<li>various books, articles, blog posts, mailing list threads<\/li>\n<li>patterns gleaned from other open source fuzzers and pentest tools<\/li>\n<li>analysis of default app installs<\/li>\n<li>system and application documentation<\/li>\n<li>error messages <\/li>\n<\/ul>\n<script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-3033787195489589\"\r\n     crossorigin=\"anonymous\"><\/script>\r\n<!-- Darknet Responsive Post Ad Links [previously link ad unit] -->\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:block\"\r\n     data-ad-client=\"ca-pub-3033787195489589\"\r\n     data-ad-slot=\"5456620019\"\r\n     data-ad-format=\"auto\"><\/ins>\r\n<script>\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script>\n<p>It&#8217;s like a non-automated open source scanner without the scanner. You can download fuzzdb v1.06 here:<\/p>\n<p><a href=\"http:\/\/fuzzdb.googlecode.com\/files\/fuzzdb-1.06.tgz\">fuzzdb-1.06.tgz<\/a><\/p>\n<p><em>It&#8217;s recommended to sync via SVN though as the contents will be a lot fresher as compared to the files in the tar.<\/em><\/p>\n<pre>svn checkout http:\/\/fuzzdb.googlecode.com\/svn\/trunk\/ fuzzdb-read-only<\/pre>\n<p>Or read more <a href=\"http:\/\/code.google.com\/p\/fuzzdb\/\">here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>fuzzdb is a comprehensive set of known attack pattern sequences, predictable locations, and error messages for intelligent brute force testing and exploit condition identification of web applications. Many mechanisms of attack used to exploit different web server platforms and applications are triggered by particular meta-characters that are observed in more than one product security advisory. [&hellip;]<\/p>\n","protected":false},"author":25,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"","_seopress_titles_title":"","_seopress_titles_desc":"","_seopress_robots_index":"","_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[9,29],"tags":[1277,2226,396],"featured_image_src":null,"featured_image_src_square":null,"author_info":{"display_name":"Darknet","author_link":"https:\/\/www.darknet.org.uk\/author\/darknet\/"},"_links":{"self":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts\/2678"}],"collection":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/users\/25"}],"replies":[{"embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/comments?post=2678"}],"version-history":[{"count":0,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts\/2678\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/media?parent=2678"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/categories?post=2678"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/tags?post=2678"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}