Showing 1 - 25 of 140

Files

Simple Universal Fortigate Fuzzer Extension Script: Posted Dec 5, 2023; Authored by Cody Sixteen; This is a small extension script to monitor suff.py, or the Simple Universal Fortigate Fuzzer, and to collect crashlogs for future analysis.; tags | tool, fuzzer; SHA-256 | e4664830b3fe02fbdd2cb9687909e1cb5827c21ad4da619143c039c0d4cbe83d; Download | Favorite | View

Simple Universal Fortigate Fuzzer: Posted May 15, 2023; Authored by Cody Sixteen; Simple python script to send commands prepared in text files mutated by an example payload string, e.g. multiple A or B letters. Using Fortigate's credentials, a user should be able to use this script to automate a basic fuzzing process for commands available in CLI.; tags | tool, python, fuzzer; SHA-256 | 183513f0d7a7bbd777a50826ac774d0cc927491384f081ad3ae5cf87426b640f; Download | Favorite | View

NDC Protocol Fuzzer: Posted Feb 7, 2023; Authored by Fakhir Karim Reda | Site cyber-defense.ma; This python script is a fuzzer for the NDC protocol. The NDC protocol enables international and local payment transactions in cash as well as with bank cards. NDC permit Terminals "ATMS" to send unsolicited requests to the Server "NDC Server". This script sends fuzzed requests to the server in order to discover memory related security flaws.; tags | tool, local, protocol, python, fuzzer; SHA-256 | 5f5273c43dc8bb3a4edff6ba5eb375ca9168c43124cbd5198b85dbabec1bc16d; Download | Favorite | View

Deliverance 0.018-daf9452 File Descriptor Fuzzer: Posted May 24, 2022; Authored by Marshall Whittaker | Site github.com; Deliverance is a file descriptor fuzzer written in bash. It injects random data into file descriptors of pids associated with a process until the program crashes, then outputs the results of what caused the crash. It leaves behind files that were used as input for the last 2 minutes before the fault, useful for reproduction.; tags | tool, bash, fuzzer; SHA-256 | b2d5c61d25c3596775232700731b3c52f39be5ff2131841bfe8f930ed516e6e3; Download | Favorite | View

Google OSS Fuzz: Posted Dec 17, 2021; Authored by Google Security Research | Site google.github.io; Google's OSS Fuzz tool aims to make common open source software more secure and stable by combining modern fuzzing techniques with scalable, distributed execution.; tags | tool, fuzzer; SHA-256 | 1f94e7fcbd0c18872fc368ecbd888174560869f1a562d7dbc2b825627c63f525; Download | Favorite | View

litefuzz 1.0: Posted Sep 20, 2021; Authored by Jeremy Brown | Site github.com; litefuzz is a multi-platform fuzzer for poking at userland binaries and servers.; tags | tool, fuzzer; systems | unix; SHA-256 | f25a4127aa0a0332f8898ed435abea7ff3f6fdf48ec55273a12cb50f97f07dd3; Download | Favorite | View

ISO-8385 Protocol Fuzzer: Posted Feb 5, 2020; Authored by Fakhir Karim Reda; This python script is a fuzzer for the ISO-8385 financial protocol. It is compatible with sulley and bofuzz and is now part of the official bofuzz release.; tags | tool, protocol, python, fuzzer; SHA-256 | d1cd712ddf8adaf71b93d57c4b8957aa1038bc884f3451a6f085124d3115cc0d; Download | Favorite | View

Maavi Fuzzing Utility: Posted Jan 20, 2020; Authored by Haroon Awan | Site github.com; Maavi is a fuzzing tool that scans for vulnerabilities with obfuscated payloads. Has proxy support, records full history of actions, and has various bells and whistles.; tags | tool, vulnerability, fuzzer; SHA-256 | 83e2d13d1dfbe16a16867f317e1413371ce7f3ad3f71149f9a2e4f61297de7a3; Download | Favorite | View

Ansvif 1.12: Posted Oct 30, 2019; Authored by Marshall Whittaker | Site oxagast.github.io; Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.; Changes: This is a bugfix release to ansvif. Many things were tweaked and fixed since the last version, but no real functionality has changed.; tags | tool, fuzzer; systems | unix; SHA-256 | b1ab3d738d61d727cce3db2834c74e0d3f9d64dd23f7c1d305ccd92c05839223; Download | Favorite | View

Ansvif 1.11: Posted Jan 3, 2019; Authored by Marshall Whittaker | Site oxagast.github.io; Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.; Changes: This release has lots of code cleanup, bug fixes, and slight improvements in speed. Some code readability has been improved. This release is known to work on Android 7.1.1 (tested on a Motorola Droid Maxx 2), Ubuntu Linux x86_64, as well as Windows 10 x86_64.; tags | tool, fuzzer; systems | unix; SHA-256 | 037f63c0d88d988078c440d65fcb3f037111f9486171391578f674f2cc68e1c6; Download | Favorite | View

XSS Fuzzer: Posted Nov 28, 2018; Authored by Poyo VL | Site xssfuzzer.com; XSS Fuzzer is a simple application written in plain HTML/JavaScript/CSS which generates XSS payloads based on user-defined vectors using multiple placeholders which are replaced with fuzzing lists. It offers the possibility to just generate the payloads as plain-text or to execute them inside an iframe. Inside iframes, it is possible to send GET or POST requests from the browser to arbitrary URLs using generated payloads.; tags | tool, arbitrary, javascript, fuzzer; SHA-256 | 75dbb38b248d52be321de6e1340065eac23ecbb902931e83075eb886bfa9a0bb; Download | Favorite | View

Ansvif 1.11a: Posted Oct 23, 2018; Authored by Marshall Whittaker | Site oxagast.github.io; Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.; Changes: This is an initial Android pre-release.; tags | tool, fuzzer; systems | unix; SHA-256 | 7fb1e433412d64fcd2335a3ebe7f66437ef34d5a0d3a1df62e2476f3169244ba; Download | Favorite | View

Ansvif 1.10: Posted Aug 27, 2018; Authored by Marshall Whittaker | Site oxagast.github.io; Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.; Changes: This release comes with lots of bug fixes and a couple new features added to the GTK frontend.; tags | tool, fuzzer; systems | unix; SHA-256 | a45e7858e17f46a83a5612c75c070edff04dda6eab8f0a582f20f2ae5596d1d6; Download | Favorite | View

BadParser 1.6.42218.0: Posted Apr 24, 2018; Authored by John Leitch; BadParser is a vulnerability parser designed to aid in the testing of fuzzers by simulating different kinds of memory corruption issues. Vulnerabilities are simulated by causing write-access violations at specific addresses, which serve as unique identifiers for the different issues. BadParser supports JSON and XML input files, with other file formats planned.; tags | tool, vulnerability, fuzzer; SHA-256 | 367f7dde5a91009874def600cffd3663977c783f792f9dde52d689d05d61d3af; Download | Favorite | View

Ansvif 1.9.1: Posted Apr 19, 2018; Authored by Marshall Whittaker | Site oxagast.github.io; Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.; Changes: This version is a bugfix release that includes lots of error handling.; tags | tool, fuzzer; systems | unix; SHA-256 | 11210463d7d354962165bf3887b2384b20d757d1e57785e6996cdb17c9a257d9; Download | Favorite | View

Ansvif 1.9: Posted Apr 16, 2018; Authored by Marshall Whittaker | Site oxagast.github.io; Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.; Changes: This release includes lots of bugfixes and a bunch of new entries in the examples folder.; tags | tool, fuzzer; systems | unix; SHA-256 | 5cadf0ed2373636137cac4f25fb26de7d52672f89c3498a780239f53cb6690bb; Download | Favorite | View

Ansvif 1.8.1.1: Posted Dec 29, 2017; Authored by Marshall Whittaker | Site oxagast.github.io; Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.; Changes: This release is for Windows 10 compatibility. Includes an ansvif.exe (with embedded icon this time), and printf.exe for reproducing faults. Also included are the examples to test ansvif on.; tags | tool, fuzzer; systems | unix; SHA-256 | a6465c6ebdc9d2ee488e2f8e4ef6e93e8ae72c06bb4873aee84e3b20039b9f2d; Download | Favorite | View

Ansvif 1.8.1: Posted Oct 26, 2017; Authored by Marshall Whittaker | Site oxagast.github.io; Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.; Changes: Bug fixes and a new option to let you control if null characters are in the fuzz.; tags | tool, fuzzer; systems | unix; SHA-256 | da5e7c56de700078c640a0eaaa287e9643cb97d56dc08a942a48fbd3fe8700f1; Download | Favorite | View

Fuzzing Font Parsing: Posted Oct 23, 2017; Authored by James Fell; This article presents a cross-platform test harness written in Python that assists the user in searching for vulnerabilities in web browsers, specifically by fuzzing their font parsing functionality. The tool automates the delivery of test cases (font files in this context) into a web browser. The creation of a corpus of mutated TTF font files suitable for use in fuzzing is also covered.; tags | tool, web, vulnerability, python, fuzzer; systems | unix; SHA-256 | c8318c528d7e608b8d2215bee4998862b6f54b96d2c952d42a31f344c81b6f0d; Download | Favorite | View

Ansvif 1.8: Posted Sep 12, 2017; Authored by Marshall Whittaker | Site oxagast.github.io; Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.; Changes: This release includes some touchups to the main ansvif code, better crash detection under linux, as well as a primary new feature: the frontend to ansvif.; tags | tool, fuzzer; systems | unix; SHA-256 | 3802ca4a49b5033554a89567a685f4ee9e22fddddc120125d769fb7317fcfa8e; Download | Favorite | View

Ansvif 1.7: Posted Apr 13, 2017; Authored by Marshall Whittaker | Site oxagast.github.io; Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.; Changes: This release marks easier compiling on most modern operating systems including Windows 7, Windows 10, Linux (Redhat and Debian based distros), and OpenBSD. It may compile/work on other operating systems but has not been tested. This is mostly a source code release with lots of code cleanup, and no new features.; tags | tool, fuzzer; systems | unix; SHA-256 | 2c2eb4b44d8649611c833b65e2abf446870ef2d3d44d84e0f9b8e57d41fb1e33; Download | Favorite | View

Ansvif 1.6.2: Posted Feb 25, 2017; Authored by Marshall Whittaker | Site oxagast.github.io; Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.; Changes: This release has lots of code cleanup, bug fixes, and includes a -y or -b 0 option for zero buffer size (useful with -A and -B when in use with other fuzzers), and a -K option to keep going after a crash (usually only useful when logging).; tags | tool, fuzzer; systems | unix; SHA-256 | fe07ede744275e79f00a3a21f07bc10a3f99cfcb3d440819651a51f0048d0d2b; Download | Favorite | View

Mobile Security Framework MobSF 0.9.3 Beta: Posted Nov 23, 2016; Authored by Ajin Abraham | Site github.com; Mobile Security Framework (MobSF) is an all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static and dynamic analysis. It can be used for effective and fast security analysis of Android and iOS Applications and supports both binaries (APK & IPA) and zipped source code. MobSF can also do Web API Security testing with it's API Fuzzer that performs Information Gathering, analyze Security Headers, identify Mobile API specific vulnerabilities like XXE, SSRF, Path Traversal, IDOR, and other logical issues related to Session Management and API Rate Limiting.; Changes: Clipboard Monitor for Android Dynamic Analysis. Windows APPX Static Analysis Support. Added Docker File. Added Support for Kali Linux. Various other additions and improvements.; tags | tool, web, vulnerability, fuzzer, xxe; systems | cisco, ios; SHA-256 | 700cdd3f3460d4db512a15ccc778012b27d14b9d9019961e561b1b27ac8ed277; Download | Favorite | View

Ansvif 1.6.1: Posted Nov 21, 2016; Authored by Marshall Whittaker | Site oxagast.github.io; Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.; Changes: This release includes a -M option for maximum arguments in the fuzz, as well as algorithmic control of ansvif fuzz testing (so that if it has already tried a particular fuzz it will not try it again, this speeds things up quite a bit).; tags | tool, fuzzer; systems | unix; SHA-256 | 859f9e504580cf957ec756c239cf58ea4940fa4416cab0fa7e4d1ea6024c0f4c; Download | Favorite | View

Ansvif 1.6: Posted Oct 2, 2016; Authored by Marshall Whittaker | Site oxagast.github.io; Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.; Changes: This release includes lots of bug fixes, and better Windows compatibility. Now there is no need for the extra .dll files in the Windows version.; tags | tool, fuzzer; systems | unix; SHA-256 | 19bbf1fdbe1324ff2ced174a8f2d184803feb3b504d30584ac8f333a272bf693; Download | Favorite | View

Page 1 of 6 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 235 files
Ubuntu 50 files
Debian 19 files
LiquidWorm 15 files
Apple 9 files
Gentoo 5 files
Google Security Research 3 files
Alter Prime 3 files
Pierre Kim 2 files
Jann Horn 2 files

Files

Top Authors In Last 30 Days

Recent News