Difference between revisions of "Fuzzing"

From YobiWiki
Jump to navigation Jump to search
m
 
(9 intermediate revisions by the same user not shown)
Line 5: Line 5:
 
** http://www.infosecinstitute.com/blog/2005/12/fuzzers-ultimate-list.html
 
** http://www.infosecinstitute.com/blog/2005/12/fuzzers-ultimate-list.html
 
** http://www.hacksafe.com.au/blog/category/fuzz-testing/
 
** http://www.hacksafe.com.au/blog/category/fuzz-testing/
  +
** http://lcamtuf.coredump.cx/
* [http://sourceforge.net/projects/taof/ The Art Of Fuzzing]
 
  +
** http://www.krakowlabs.com/lof.html
  +
** https://www.peerlyst.com/posts/resource-open-source-fuzzers-list
  +
* [http://lcamtuf.coredump.cx/afl/ American Fuzzy Lop]
 
* [http://sourceforge.net/projects/taof/ The Art Of Fuzzing] and http://www.theartoffuzzing.com
 
* [http://sourceforge.net/projects/jbrofuzz JBroFuzz]
 
* [http://sourceforge.net/projects/jbrofuzz JBroFuzz]
 
* [http://www.digitaldwarf.be/products.html Digital Dwarf products]
 
* [http://www.digitaldwarf.be/products.html Digital Dwarf products]
Line 12: Line 16:
 
* [http://www.ee.oulu.fi/research/ouspg/protos/ PROTOS] - Security Testing of Protocol Implementations
 
* [http://www.ee.oulu.fi/research/ouspg/protos/ PROTOS] - Security Testing of Protocol Implementations
 
* [http://www.immunitysec.com/resources-freesoftware.shtml SPIKE & Sharefuzz]
 
* [http://www.immunitysec.com/resources-freesoftware.shtml SPIKE & Sharefuzz]
  +
* [http://aconole.brad-x.com/programs/sfuzz.html sfuzz]
 
* As Debian packages:
 
* As Debian packages:
 
** [http://fuzz.sourceforge.net/ fuzz] - stress-test programs by giving them random input
 
** [http://fuzz.sourceforge.net/ fuzz] - stress-test programs by giving them random input
Line 22: Line 27:
 
** [http://www.secdev.org/projects/scapy/ python-scapy] - Packet generator/sniffer and network scanner/discovery
 
** [http://www.secdev.org/projects/scapy/ python-scapy] - Packet generator/sniffer and network scanner/discovery
 
** [http://www.immunitysec.com/resources-freesoftware.shtml spikeproxy] - Web application security testing proxy
 
** [http://www.immunitysec.com/resources-freesoftware.shtml spikeproxy] - Web application security testing proxy
  +
** [http://www.dwheeler.com/flawfinder/ flawfinder] - examines source code and looks for security weaknesses
  +
** [http://fusil.hachoir.org/trac/wiki/ fusil] - Fuzzing program to test applications
  +
** inguma - Open source penetration testing toolkit
  +
** wapiti - Web application vulnerability scanner
  +
* EMV
  +
** https://labs.mwrinfosecurity.com/system/assets/1137/original/MWR_InfoSecurity_POS_Fuzzer_v1_summary.pdf

Latest revision as of 10:41, 28 March 2016

This is a first attempt to collect data on free software fuzzing tools.

Tools