backfuzz can be basically used to fuzz different protocols such as FTP, HTTP, IMAP, etc but also has no-protocol plug-ins Example: File Fuzzer. The general idea is that this script has several functions already predefined in the file “functions.py”, so whoever wanna write his own plugin’s for another diffrent protocol in a few lines and [...]
Fuzzer
Our first post about the IOCTL Fuzzer can be found here. It was a long time ago and now it has been updated to IOCTL Fuzzer version 1.3.
“IOCTL Fuzzer is a tool designed to automate the task of searching vulnerabilities in Windows kernel drivers by performing fuzz tests on them. Current OS support (x32 and [...]
Our first post regarding WPScan can be found here. A few hours ago a new update – WPScan version 1.1 was released!
“WPScan is a WordPress Security vulnerability scanner which checks the security of WordPress installations using a black box approach. WPScan is a black box WordPress Security Scanner written in Ruby which attempts to find [...]
PHP Vulnerability Hunter is an advanced automated whitebox fuzz testing tool. is the application that detected almost all of the web application vulnerabilities listed on the advisories page. PHP Vulnerability Hunter is an advanced automated whitebox fuzz testing tool capable of triggering a wide range of exploitable faults in PHP web applications. Minimal configuration is [...]
We have talked about fuzzdb in detail here. Now, it has been updated to fuzzdb version 1.09!
“fuzzdb aggregates known attack patterns, predictable resource names, server response messages, and other resources like web shells into the most comprehensive Open Source database of malicious and malformed input test cases.”
This is the updated fuzzdb change log:
Thanks to lawKnee, [...]
Our first post regarding Wfuzz can be found here. Yesterday, an update – Wfuzz version 2.0 was released.
“Wfuzz is a tool designed for bruteforcing Web Applications, it can be used for finding resources not linked (directories, servlets, scripts, etc), bruteforce GET and POST parameters for checking different kind of injections, bruteforce Forms parameters (User/Password), Fuzzing,etc.”
This [...]
We wrote about a similar tool – iExploder that was based on the mangleme fuzzing concept. mangleme helps you to automatically check for HTML parsing flaws. It generates a basic set of badly mangled tags on request, with auto-refresh back to the script, so that you can point a browser to it once, and let it [...]
We wrote about Peach originally here. Now we have Peach version 2.3.8!
“Peach is a SmartFuzzer that is capable of performing both generation and mutation based fuzzing.”
This is the updated change log:
New: Moving to Python 2.7, this is the final python 2 version.
New: Peach filesystem logger now always writes out first test case #
New: [...]
Page 1 of 1
1