List of Fuzzers [lof.html]
Krakow Labs maintains a current list of security driven fuzzing technologies.
Last updated: 07.05.2010 (120)
A (3)
antiparser
"antiparser is a fuzz testing and fault injection API. Fuzz testing has application as a
security research methodology and for software quality assurance purposes."
Author: David McKinney
Latest: v2.0
Autodafe
"Autodafe is a fuzzing framework able to uncover buffer overflows
by using the fuzzing by weighting attacks with markers technique."
Author: Martin Vuagnoux
Latest: v0.1 BETA
AxMan
"AxMan is a web-based ActiveX fuzzing engine. The goal of AxMan is to
discover vulnerabilities in COM objects exposed through Internet
Explorer. Since AxMan is web-based, any security changes in the
browser will also affect the results of the fuzzing process. This
allows for a much more realistic test than other COM-based assessment
tools. AxMan is designed to be used with Internet Explorer 6 only."
Author: H D Moore
Latest: v1.0.0
B (7)
BED
"bed (aka 'Bruteforce Exploit Detector') is a plain-text protocol fuzzer that checks software
for common vulnerabilities like buffer overflows, format string bugs, integer overflows, etc."
Authors: Eric Sesterhenn & Martin J. Muench
Latest: v0.5
beSTORM
"beSTORM is a security assessment tool that performs an exhaustive analysis to uncover new and unknown
vulnerabilities in network-enabled software applications during the development cycle. By automatically
testing billions of attack combinations, beSTORM ensures the security of products before they are deployed
saving companies millions in costs associated with fixing security holes after products are shipped.
beSTORM is different than older generation tools that use attack signatures or attempts to locate known
vulnerabilities in products."
Author: Beyond Security
Latest: RELEASE
bind6fuzz
"bind() IPv6 fuzzer."
Author: Clement Lecigne
Latest: RELEASE
Browser Fuzzer 3
"Browser Fuzzer 3 (bf3) is a comprehensive web browser fuzzer
that fuzzes CSS, DOM, HTML, JavaScript and XML."
Author: Jeremy Brown
Latest: v3
BSS
"BSS (Bluetooth Stack Smasher) is a L2CAP layer fuzzer,
distributed under GPL licence."
Author: Pierre BETOUIN
Latest: v0.8
bugger
"A Linux in-process fuzzer"
Author: Michal Zalewski
Latest: v0.01b
Bunny the Fuzzer
"A closed loop, high-performance, general purpose protocol-blind
fuzzer for C programs."
Author:
Latest: v0.93 BETA
C (5)
CIRT.DK Protocol Fuzzer
"A simple TCP/UDP protocol Fuzzer version 1.0."
Author: Dennis Rand
Latest: v1.0
cmdline
"Cmdline helps discover bugs in local (unprivileged) *NIX applications via fuzzing."
Author: Jared DeMott
Latest: RELEASE
ComRaider
"COMRaider is a tool designed to fuzz COM Object Interfaces."
Author: David Zimmer
Latest: RELEASE
CSSDIE
"CSSDIE will look for common CSS1/CSS2/CSS3 implementation flaws
by specifying common bad values for style values."
Authors: H D Moore, Matt Murphy, Aviv Raff, Thierry Zoller
Latest: v0.7
CVS Fuzzer
"Simple CVS fuzzer to be used against pserver."
Author: Jeremy Brown
Latest: v0.1 BETA
D (4)
DEFENSICS 3
"DEFENSICS 3.0 is the culmination of over 12 years of ground-breaking security
testing research. Having pioneered the widely-acclaimed PROTOS test suites in
the early 2000's and having then moved on to commercialize their testing approach,
the Codenomicon founders have outdone themselves by reinventing robustness testing
and fuzzing yet again. Fully integrated test control and results management,
all-new process workflow that's been designed from the ground up to support
real-life testing scenarios witnessed during 10+ years of customer feedback,
additional fully-featured user customization capabilities on top of our millions
of award-winning pre-built test cases, new applications areas including WiMAX and
XML-based protocols, top-of-the-line standards support both in test documentation
and protocol modeling, as well as a host of other new and exciting features --
DEFENSICS 3.0 is a revolution in security testing!"
Author: Codenomicon
Latest: v3.0
dfuz
"dfuz is a remote protocol fuzzer/triggerer which can do many things such as sending
random data/random sizes, together with the data you want. It has a lot of ways to tell
the program to use this data by using rule files which will be later parsed by the
program itself, and with several options and ways to make it very specific, and very
flexible. It's not only a remote protocol fuzzer as itself, but it is a scripting-like
motor on which you can create any kind of payload, user-friendly."
Author: Diego Bauche
Latest: v0.3.0 BETA
dhcpfuzz
"A protocol fuzzer for DHCP implementations"
Author: Ilja van Sprundel
Latest: v0.2
DOM-Hanoi
"DOM-Hanoi will look for common DHTML implementation flaws by adding/removing
DOM elements, in a similar way to the known Tower of Hanoi game."
Authors: H D Moore & Aviv Raff
Latest: RELEASE
E (1)
EFS
"We have designed and implemented an Evolutionary Fuzzing System (EFS)
to help find new vulnerabilities. Traditional fuzzing techniques require
that a new fuzzer be built for each protocol, a never ending process.
EFS attempts to eliminate this effort by dynamically learning a protocol
using code coverage and other feedback mechanisms."
Author: Jared DeMott
Latest: RELEASE
F (19)
4f
"4f is a file format fuzzing framework. 4f uses modules which are
specifications of the targeted binary or text file format that tell
it how to fuzz the target application. If 4f detects a crash, it
will log crucial information important for allowing the 4f user to
reproduce the problem and also debugging information important to
deciding the severity of the bug and its exploitability."
Author: Jeremy Brown
Latest: RELEASE
ffuzer
"A little file fuzzer. You can define the file structure and then pass
it to the fuzzer. It can "learn" the file format (In the case of ASCII
Input files). Pretty fast (Compared to other file fuzzers)."
Author: Agustin Gianni
Latest: RELEASE
FileFuzz
"FileFuzz is a graphical Windows based file format fuzzing tool.
FileFuzz was designed to automate the launching of applications and
detection of exceptions caused by fuzzed file formats."
Author: Michael Sutton
Latest: RELEASE
FileH
"FileH is a haskell-based file fuzzer. It generates mutated files from a list of
source files and feeds them to an external program in batches."
Author: Tim Newsham
Latest: v0.1
FileP
"FileP is a python-based file fuzzer. It generates mutated files from a list of
source files and feeds them to an external program in batches."
Author: Jesse Burns
Latest: v0.2
flashboom
"This is a dead-simple ASNative() API fuzzer for Adobe Flash."
Author: H D Moore
Latest: v0.2
Forensic Fuzzing Tools
"This is a collection of scripts that can be used to generate fuzzed files,
fuzzed file systems, and file systems containing fuzzed files. These can be
used to test the robustness of forensics tools and examination systems."
Author: iSEC Partners
Latest: RELEASE
FTPStress
"Infigo FTPStress Fuzzer is a specific fuzzer for finding vulnerabilities in FTP server
products. Although it is a simple tool, it proved its efficiency by the number of
vulnerabilities discovered in different FTP server software tested with this tool.
The parameters used for the fuzzing process are highly configurable. User can precisely
define which FTP commands will be fuzzed along with the size and type of the fuzzing data."
Author: Infigo
Latest: v1.0
fusil
"Fusil the fuzzer is a Python library used to write fuzzing programs. It helps
to start process with a prepared environment (limit memory, environment variables,
redirect stdout, etc.), start network client or server, and create mangled files.
Fusil has many probes to detect program crash: watch process exit code, watch process
stdout and syslog for text patterns (eg. "segmentation fault"), watch session duration,
watch cpu usage (process and system load), etc."
Author: Victor Stinner
Latest: v1.2.1
Fuzz
"Fuzz searches for new security vulnerabilities by generating random garbage which
can be passed in several ways to programs to see if they can be made to crash or hang."
Author: Ben Woodard
Latest: v0.5.1
Fuzzer
"Fuzzer version 1.1 is a multi protocol fuzzing tool written in Python. It
can be used to find new SQL injection, format string, buffer overflow,
directory traversal, and other vulnerabilities. Written with portability in mind."
Author: Sergio Alvarez
Latest: v1.0
Fuzzer
"browser fuzzing simplified"
Author: Petko D. Petkov
Latest: 1.5
fuzzball2
"Fuzzball2 is a little fuzzer for TCP and IP options. It sends a bunch of
more or less bogus packets to the host of your choice."
Author: warlord
Latest: v0.7
Fuzzbox
"Fuzzbox is a multi-codec media fuzzer."
Author: David Thiel
Latest: v0.3.1
Fuzzled
"Fuzzled is a powerful fuzzing framework. Fuzzled includes helper
functions, namespaces, factories which allow a wide variety of
fuzzing tools to be developed. Fuzzled comes with several example
protocols and drivers for them."
Author: Tim Brown
Latest: v1.1
Fuzzman
"Fuzzer generator based on unix man pages. Extracts offered
options from a man page and creates a shell script that will
execute a command using all possible combinations of options and arguments."
Author: Emmanouel Kellinis
Latest: RELEASE
Fuzzware
"Fuzzware is a generic fuzzing framework. It is designed to allow the testing of
software via automating the creation and processing of testcases. The testcases can
be files, network packets or calls to interfaces e.g. a Web Service."
Author: dave[at]fuzzware[dot]net
Latest: v1.5
fzem
"fzem is a MUA (mail user agent) fuzzer that fuzzes MAIL/MIME
email headers as well as how clients handle SMTP, POP and IMAP responses."
Author: Jeremy Brown
Latest: RELEASE
fzfuzzer
"This is a filesystem fuzzer. This tool creates initial (valid) filesystem
images and then manipulates their binary format and structure for detecting
flaws/bugs/design problems in the parsing/handling code for that particular
filesystem. Expects a /media directory and some base tools (util-linux, etc)
as well as support for some filesystems in the kernel (fortunately it will add
the filesystems that are supported on your system, if it finds the necessary tools available)."
Author: Lance M. Havok
Latest: v0.6-lmh
G (1)
GPF
"GPF provides developers, security researchers, and quality
assurance professionals the capability to quickly search for
bugs/vulnerabilities in the exposed interface of networked
applications. GPF uses captured packet sessions (from libpcap)
to construct a protocol description from real traffic. Users
can then configure various types of injected faults, manually
modify the capture file, and define custom functions to deal with dynamic data."
Author: Jared DeMott
Latest: v4.6
H (2)
Hamachi
"Hamachi will look for common DHTML implementation flaws by specifying common
"bad" values for method arguments and property values."
Authors: H D Moore & Aviv Raff
Latest: RELEASE
Hzzp
"Hzzp is a HTTP compliant client and server fuzzer. Hzzp's main features
include HTTP response and request fuzzing, authentication fuzzing, query
parameter fuzzing, and automatic or manual exploit generation."
Author: Jeremy Brown
Latest: RELEASE
I (10)
iCalfuzz
"A fuzzer for the iCalendar format"
Author: Ilja van Sprundel
Latest: v0.1
icmpv6fuzz
"ICMPv6 or ICMPv4 socket fuzzer."
Author: Clement Lecigne
Latest: RELEASE
ikefuzz
"Internet Key Exchange (IKE) is a key management protocol used with IPSec.
ikefuzz, built on top of libike 0.9.6, generates faulty IKE data to verify
correct handling of errors."
Author: Jared DeMott
Latest: v0.1
Inguma
"Inguma is a free penetration testing and vulnerability discovery toolkit entirely written
in python. Framework includes modules to discover hosts, gather information about, fuzz targets,
brute force usernames and passwords, exploits, and a disassembler."
Authors: Joxean Koret & Hugo Teso
Latest: v0.1.1
ioctlfuzz
"ioctl fuzzer for *nix based systems"
Author: Ilja van Sprundel
Latest: v0.1
ip6fuzz
"Silly general ipv6 api fuzzer."
Author: Clement Lecigne
Latest: RELEASE
ip6sic
"ip6sic is a tool for stress testing an IPv6 stack implementation."
Author: Greg Taleck
Latest: v0.1
ircfuzz
"A IRC protocol fuzzer for client applications"
Author: Ilja van Sprundel
Latest: v0.3
ISIC
"ISIC is a suite of utilities to exercise the stability of an IP Stack and its component
stacks (TCP, UDP, ICMP et. al.) It generates piles of pseudo random packets of the target
protocol. The packets be given tendencies to conform to. I.e. 50% of the packets generated
can have IP Options. 25% of the packets can be IP fragments... But the percentages are
arbitrary and most of the packet fields have a configurable tendency. The packets are
then sent against the target machine to either penetrate its firewall rules or find bugs
in the IP stack. ISIC also contains a utility generate raw ether frames to examine hardware implementations."
Author: Mike Frantzen
Latest: v0.06
ISICNG
"ISICNG is the port to IPv6 of ISIC, an IPv4 fuzzer intended to test the integrity of an
IPv4 stack and its components stacks (i.e. TCP) written by Mike Frantzen and that uses libnet.
ISICNG generates piles of pseudo random packets of the target protocol. At the moment only the
most used protocols are supported (TCP, ICMPv6 and UDP)."
Author: Clement Lecigne
Latest: v0.1
J (5)
javafuzz
"JavaFuzz is a java classes fuzzer based on the Java Reflection API.
The reflection API represents, or reflects, the classes, interfaces, and
objects in the current Java Virtual Machine. Using the reflection API it
can construct and invoke any given class (or list of classes). After getting
the types that a class accepts will construct the class using expected and/or inappropriate values."
Author: E. Kellinis
Latest: v0.7.5
JBroFuzz
"JBroFuzz is a web application fuzzer for requests being made
over HTTP and/or HTTPS. Its purpose is to provide a single,
portable application that offers stable web protocol fuzzing capabilities."
Author: OWASP
Latest: v1.2
Joxean's Fuzzers
"Two fuzzers written in Python. One is for PostgreSQL and one is for Informix."
Author: Joxean Koret
Latest: RELEASE
JPEGfuzr
"JPEGfuzr is a perl implementation of fuzzing JPEG metadata
through the Image::MetaData::JPEG extension. It supports 40
metadata tags and fuzzes all, one by one, using the fuzz data supplied."
Author: Jeremy Brown
Latest: RELEASE
jsfunfuzz
"This fuzzer creates random, possibly invalid, JavaScript function bodies.
It tests compilation, execution, and decompilation."
Author: Jesse Ruderman
Latest: RELEASE
K (1)
KEmuFuzzer
"KEmuFuzzer is protocol-specific fuzzer for system virtual machines. KEmuFuzzer
generates floppy images to boot a virtual machine and to execute a specific test-case."
Authors: Lorenzo Martignoni and Roberto Paleari
Latest: RELEASE
M (7)
Malybuzz
"Malybuzz is a multiprotocol and stateful network fuzzer to check the security of applications."
Author: Jose Miguel Esparza Muñoz
Latest: v1.0 BETA
mangle
"A basic binary file fuzzer"
Author: Ilja van Sprundel
Latest: RELEASE
mangleme
"A trivial utility to automatically check for HTML parsing flaws. Generates a basic set of
badly mangled tags on request, with auto-refresh back to the script, so that you can point
a browser to it once, and let it run until it crashes."
Author: Michal Zalewski
Latest: v1.2
MielieTool
"Easy to use Web Application Fuzzer. Supports fuzzing of CGIs in forms
and links (POST and GET). Supports multiple sites."
Author: Roelof Temmingh
Latest: v1.0
Mistress
"Mistress is an 'Application Sadism Environment' and can also
be called a fuzzer. It is written in Python and was created for
probing file formats on the fly and protocols with malformed data,
based on pre-defined patterns."
Author: posidron
Latest: RELEASE
mpTREY
"mpTREY is a MP3 fuzzing utility that manipulates tags."
Author: Jeremy Brown
Latest: RELEASE
mySQLFUZZer
"Quick little MySQL fuzzing utility that creates sockets and fuzzers on the fly."
Author:
Latest: v1.0 BETA
N (1)
notSPIKEfile
"notSPIKEfile is a linux based file format fuzzing tool. It was designed to automate
the executing the launching of applications and detection of exceptions caused by fuzzed file formats."
Author: Adam Greene
Latest: v
pdfUZZ
"pdfUZZ is a PDF fuzzing utility written in Perl."
Author: Jeremy Brown
Latest: RELEASE
Peach
"Peach is a SmartFuzzer that is capable of performing both generation
and mutation based fuzzing."
Author: Michael Eddington
Latest: v2.2.2
pff
"pff (Php Fuzzing Framework) is a tiny tool that was created with the
intention of discovering security and general bugs within Php functions."
Author: calcite
Latest: BETA
pgmfuzz
"PGMfuzz is a fuzzer written for identifying vulnerabilities in PGM
option parsing implementations."
Authors: Varun Uppal & Andy Davis
Latest: v1.0
Powerfuzzer
"Powerfuzzer is a highly automated and fully customizable web fuzzer
(HTTP protocol based application fuzzer) based on many other Open Source
fuzzers available and information gathered from numerous security resources
and websites. It was designed to be user friendly, modern, effective and
working. Yes, there was a gap on the market in that arena and that's why
Powerfuzzer project was created. It is capable of spidering website and
identifying inputs. From practical view, pen tester point of view, it can
be considered a Web Application Vulnerability Scanner, however given its
design and specifications it has much more potential."
Author: Marcin Kozlowski
Latest: v1 BETA
ProxyFuzz
"ProxyFuzz is a man-in-the-middle non-deterministic network fuzzer
written in Python. ProxyFuzz randomly changes (fuzzes) contents on
the network traffic. It supports TCP and UDP protocols and can also
be configured to fuzz only one side of the communication. ProxyFuzz
is protocol agnostic so it can randomly fuzz any network communication."
Author: Rodrigo Marcos
Latest: v0.1
PHP Source Auditor III
"PHP Source Auditor III (or PSA3) is made for quickly finding
(obvious) vulnerabilities in PHP Source Codes, which can be
used by webmasters, developers or security-interested persons."
Author: Ironfist
Latest: v3
Q (1)
QueFuzz
"QueFuzz is a small fuzzer that uses libnetfilter_queue to take in packets from iptables.
Its fuzzing engine reads a small template file and fuzzes the packets as you requested.
QueFuzz has a very short learning curve, unlike many other fuzzing frameworks. It may not
be as powerful but you can have it up and fuzzing in under a minute. Unlike other fuzzers,
QueFuzz is not focused on data generation. It relies on a valid application to generate
the data and instead just mutates the network traffic inline and passes it on."
Author: Chris Rohlf
Latest: v0.7.2
R (4)
radiusfuzzer
"Radius fuzzer"
Author: Thomas Biege
Latest: BETA1
raw6fuzz
"Raw IPv4 or IPv6 socket fuzzer."
Author: Clement Lecigne
Latest: RELEASE
rde
"Tiny utility for supplying user defined environmental variables at a
defined sized. Used in the Aid of auditing binaries that rely on environmental variables."
Author: Chad Delecia
Latest: RELEASE
RSHatter
"RSHatter is a rsh protocol fuzzing utility."
Author: Jeremy Brown
Latest: RELEASE
S (21)
Scapy
"Scapy is a powerful interactive packet manipulation program. It is able to forge or decode
packets of a wide number of protocols, send them on the wire, capture them, match requests
and replies, and much more. It can easily handle most classical tasks like scanning, tracerouting,
probing, unit tests, attacks or network discovery (it can replace hping, 85% of nmap, arpspoof,
arp-sk, arping, tcpdump, tethereal, p0f, etc.). It also performs very well at a lot of other specific
tasks that most other tools can't handle, like sending invalid frames, injecting your own 802.11 frames,
combining technics (VLAN hopping+ARP cache poisoning, VOIP decoding on WEP encrypted channel, ...), etc."
Author: Philippe Biondi
Latest: v2.0.1
Schemer
"Schemer is a generic file and protocol fuzzer. Schemer requires an XML Schema
describing the format of the data and an example or test case of the data to be
fuzzed. Schemer makes available certain ways in which the data can be fuzzed, but
lets the user specify the values used. For example, Schemer lets you replace strings
with long strings, but the user has to specify the lengths used."
Author: Dave Soldera
Latest: v1.4
scratch
"Scratch is an advanced protocol destroyer ("fuzzer") which can routinely find
a wide variety of vulnerabilities from a simple packet. scratch does complex
parsing of binary files to determine what to fuzz with what data. scratch also
comes with a framework for fuzzing binary protocols such as SSL and SMB."
Author: nd
Latest: RELEASE
sfuzz
"A socket/file descriptor fuzzer"
Author: Ilja van Sprundel
Latest: v0.2
sgopt6fuzz
"getsockopt() ipv6 fuzzer, it was designed to detect memory leaks."
Author: Clement Lecigne
Latest: RELEASE
Sharefuzz
"The original environment variable fuzzer for Unixes that support loading a shared library."
Author: Dave Aitel
Latest: v1.0
simple fuzz
"simple fuzz is exactly what it sounds like - a simple fuzzer. Don't mistake
simple with a lack of sophistication. this fuzzer has two network modes of
operation, an output mode for developing command line fuzzing scripts, as well
as taking fuzzing strings from literals and building strings from sequences.
simple fuzz is built to fill a need - the need for a quickly configurable
black box testing utility that doesn't require intimate knowledge of the inner
workings of C or require specialized software rigs. the aim is to just provide
a simple interface, clear inputs/outputs, and reusability."
Author: Aaron Conole
Latest: v0.4
smtpfuzz
"BlackOps SMTP Fuzzing utility can be used to find weaknesses
in server implementations of the SMTP protocol."
Author: Ollie Whitehouse
Latest: v0.9.14
SMUDGE
"SMUDGE is a python based data creation & testing kit used to stress test software. It supports
multiple methods of testing including file testing (for web browsers), single testing (for HTTP servers),
multiple testing (for SMTP/FTP servers) and an array of different types."
Author: nd
Latest: v0.8
SNMP fuzzer
"SNMP fuzzer uses Protos test cases with an entirely new engine written in Perl.
It provides efficient methods of determining which test case has caused a fault,
offers more testing granularity and a friendlier user interface."
Author: Aront
Latest: v0.1.1
spiderpig-pdffuzzer
"Adobe and others use javascript in pdfs to enhance standard workflow, for example
connecting to database, spell checking, printing and viewing etc. When we open pdf
in reader, it executes this javascript code (ya we all know that). So goal of spiderpig
is to find bugs in pdf reader's javascript engine."
Author: Sachin Shinde
Latest: RELEASE
SPIKE
"When you need to analyze a new network protocol for buffer overflows or similar
weaknesses, the SPIKE is the tool of choice for professionals. While it requires
a strong knowledge of C to use, it produces results second to none in the field."
Author: Dave Aitel
Latest: v2.9
SPIKE Proxy
"Not all web applications are built in the same ways, and hence, many must be analyzed
individually. SPIKE Proxy is a professional-grade tool for looking for application-level
vulnerabilities in web applications. SPIKE Proxy covers the basics, such as SQL Injection
and cross-site-scripting, but its completely open Python infrastructure allows advanced
users to customize it for web applications that other tools fall apart on."
Author: Dave Aitel
Latest: v1.4.2
SPIKEfile
"SPIKEfile is a Linux based file format fuzzing tool, based on SPIKE 2.9.
It was designed to automate the executing the launching of applications and
detection of exceptions caused by fuzzed file formats."
Author: Adam Greene
Latest: RELEASE
SQL fuzzer
"SQL fuzzing tool that will find all table names, column names for specified table,
mysql version, username of mysql, database, perform load_file() on sites vulnerable to SQL injection."
Author: stefo
Latest: RELEASE
sqlfuzz
"SQL Fuzzer version 1.0 that is written in Python."
Author: baltazar
Latest: v1.0
sqlfuzzer
"SQL Injector version 1.0 is a fuzzing utility written in Python."
Author: Beenu Arora
Latest: v1.0
SSHFuZZ
"sshfuzz is a SSH Fuzzing utility written in Perl that uses Net::SSH2."
Author: Jeremy Brown
Latest: RELEASE
Sulley Fuzzing Framework
"Sulley is a fuzzer development and fuzz testing framework consisting of multiple
extensible components. Sulley (IMHO) exceeds the capabilities of most previously
published fuzzing technologies, commercial and public domain. The goal of the framework
is to simplify not only data representation but to simplify data transmission and target monitoring as well."
Authors: Pedram Amini & Aaron Portnoy
Latest: v1.0
sysfuzz
"A System Call Fuzzer for Linux"
Author: Ilja van Sprundel
Latest: RELEASE
syslog Fuzzer
"Syslog Fuzzer is a small perl script tool that is useful for testing some
attack vectors against syslog servers. It has support for buffer/integer overflows
and format string vulnerabilities."
Author: Jaime Blasco
Latest: v0.1
T (7)
TagBruteForcer
"TagBruteForcer is a client-side security tool designed to find overflows in
applications that can be opened by default within Internet Explorer. It also
includes basic functionality for testing ActiveX objects or Internet Explorer itself."
Author: eEye (info)
Latest: v
TagFuzzer
"TagFuzzer is a fuzzing utility that edits tag information for a supplied file.
Supports MP3, M4A, M4P, MP4, M4B, 3GP, OGG, and FLAC formats."
Author: r0ut3r
Latest: RELEASE
Taof
"Taof is a GUI cross-platform Python generic network protocol fuzzer.
It has been designed for minimizing set-up time during fuzzing sessions
and it is especially useful for fast testing of proprietary or undocumented protocols."
Author: Rodrigo Marcos
Latest: v0.3.2
tcpcontrol-fuzzer
"2^6 TCP control bit fuzzer (no ECN or CWR)."
Author: Shadow
Latest: RELEASE
tcp6fuzz
"TCP/IPV6 socket fuzzer."
Author: Clement Lecigne
Latest: RELEASE
tftpfuzz
"A TFTP protocol fuzzer"
Author: Ilja van Sprundel
Latest: RELEASE
TFTPfuzz
"TFTP daemon fuzzer that uses Net::TFTP."
Author: Jeremy Brown
Latest: RELEASE
tmin
"Tmin is a simple utility meant to make it easy to narrow down complex test
cases produced through fuzzing."
Author: Michal Zalewski
Latest: RELEASE
U (3)
upd6fuzz
"UDP/IPv6 or UDP/IPv6 socket fuzzer."
Author: Clement Lecigne
Latest: RELEASE
UFuz3
"UFuz3 is a binary file fuzzer focused on finding integer overflow vulnerabilities. This tool
can audit any application which loads a binary file such as Windows Media player, Microsoft office, etc."
Author: eEye
Latest: 3.0.0.2
untidy
"untidy is a XML fuzzer. It takes an XML as input and generates a set of modified,
potentially invalid XMLs based on the input."
Author: Andres Riancho
Latest: BETA 2
V (2)
VNCrush
"VNCrush is a VNC server fuzzing utility."
Author: Jeremy Brown
Latest: RELEASE
VoIPER
"VoIPER is a security toolkit that aims to allow developers and security researchers
to easily, extensively and automatically test VoIP devices for security vulnerabilities.
It incorporates a fuzzing suite built on the Sulley fuzzing framework, a SIP torturer
tool based on RFC 4475 and a variety of auxiliary modules to assist in crash detection and
debugging. It is cross platform and usable via a command line interface on Linux, Windows
and OS X or a GUI on Windows. The primary goal of VoIPER is to create a toolkit with all
required testing functionality built in and to minimise the amount of effort an auditor
has to put into testing the security of a VoIP code base."
Author: nnp
Latest: v0.07
W (3)
Wfuzz
"Wfuzz is a tool designed for bruteforcing Web Applications, it can be used for
finding resources not linked (directories, servlets, scripts, etc), bruteforce GET
and POST parameters for checking different kind of injections (SQL, XSS, LDAP, etc),
bruteforce Forms parameters (User/Password), Fuzzing, etc."
Authors: Carlos del ojo & Christian Martorella
Latest: v1.4
Windows IPC Fuzzing Tools
"This is a collection of tools used to attack applications that use Windows Interprocess
Communication mechanisms. This package includes tools to intercept and fuzz named pipes,
as well as a shared memory section fuzzer."
Author: Jesse Burns
Latest: v
WSBang
"WSBang is a Python-based tool used to perform automated security testing of SOAP based web services."
Author: Scott Stender
Latest: v0.1
X (2)
XSS Checker
"Cross site scripting fuzzing utility written in Python."
Author: Beenu Arora
Latest: RELEASE
XSSFuzz
"It’s for finding new vectors and testing those within the context of multiple encoding methods."
Author: ha.ckers.org
Latest: v1.1
Z (1)
zzuf
"zzuf is a transparent application input fuzzer. Its purpose is to find bugs in applications
by corrupting their user-contributed data (which more than often comes from untrusted sources
on the Internet). It works by intercepting file and network operations and changing random bits
in the program's input. zzuf's behaviour is deterministic, making it easier to reproduce bugs."
Author: Sam Hocevar
Latest: v0.12