Difference between revisions of "Fuzzing"
Jump to navigation
Jump to search
m (→Tools) |
m (→Tools) |
||
| Line 23: | Line 23: | ||
** [http://www.secdev.org/projects/scapy/ python-scapy] - Packet generator/sniffer and network scanner/discovery |
** [http://www.secdev.org/projects/scapy/ python-scapy] - Packet generator/sniffer and network scanner/discovery |
||
** [http://www.immunitysec.com/resources-freesoftware.shtml spikeproxy] - Web application security testing proxy |
** [http://www.immunitysec.com/resources-freesoftware.shtml spikeproxy] - Web application security testing proxy |
||
| − | ** flawfinder - examines source code and looks for security weaknesses |
+ | ** [http://www.dwheeler.com/flawfinder/ flawfinder] - examines source code and looks for security weaknesses |
Revision as of 11:00, 24 July 2008
This is a first attempt to collect data on free software fuzzing tools.
Tools
- List of
- The Art Of Fuzzing and http://www.theartoffuzzing.com
- JBroFuzz
- Digital Dwarf products
- PeachFuzz
- IP Stack Integrity Checker
- PROTOS - Security Testing of Protocol Implementations
- SPIKE & Sharefuzz
- As Debian packages:
- Debian packages, not sure if they automate fuzzing but they can be useful
- bfbtester - Brute Force Binary Tester
- irpas - Internetwork Routing Protocol Attack Suite
- mozilla-livehttpheaders - Adds information about the HTTP headers to Iceweasel and Iceape
- netsed - The network packet altering stream editor
- python-scapy - Packet generator/sniffer and network scanner/discovery
- spikeproxy - Web application security testing proxy
- flawfinder - examines source code and looks for security weaknesses