Home / Tools / fuzzer

Packages that use the fuzz testing principle, ie 'throwing' random inputs at the subject to see what happens.

Tool count: 185

Name Version Description Category Website
0d1n 1:2.5 Web security tool to make fuzzing at HTTP inputs, made in C with libCurl. webapp fuzzer scanner
afl 2.52b Security-oriented fuzzer using compile-time instrumentation and genetic algorithms fuzzer binary
aggroargs 51.c032446 Bruteforce commandline buffer overflows, linux, aggressive arguments. exploitation fuzzer
ajpfuzzer 0.6 A command-line fuzzer for the Apache JServ Protocol (ajp13). fuzzer
astra 241.7d0f211 Automated Security Testing For REST API's. webapp fuzzer
atscan 1936.c31e263 Server, Site and Dork Scanner. scanner webapp fuzzer exploitation automation
backfuzz 38.c650cbf A network protocol fuzzing toolkit. fuzzer networking
bbscan 39.57a2e33 A tiny Batch weB vulnerability Scanner. webapp scanner fuzzer
bing-lfi-rfi 0.1 This is a python script for searching Bing for sites that may have local and remote file inclusion vulnerabilities. webapp scanner fuzzer
birp 65.b2e108a A tool that will assist in the security assessment of mainframe applications served over TN3270. scanner recon fuzzer
bluebox-ng 1:1.1.0 A GPL VoIP/UC vulnerability scanner. voip scanner fuzzer
browser-fuzzer 3 Browser Fuzzer 3 fuzzer
brutexss 54.ba753df Cross-Site Scripting Bruteforcer. webapp fuzzer
bss 0.8 Bluetooth stack smasher / fuzzer bluetooth fuzzer scanner
bt_audit 0.1.1 Bluetooth audit bluetooth fuzzer
bunny 0.93 A closed loop, high-performance, general purpose protocol-blind fuzzer for C programs. fuzzer
burpsuite 1:1.7.36 An integrated platform for attacking web applications (free edition). fuzzer proxy scanner webapp
cantoolz 336.61fc163 Framework for black-box CAN network analysis https://asintsov.blogspot.de/. automobile recon fuzzer scanner
capfuzz 34.97ac312 Capture, fuzz and intercept web traffic. sniffer fuzzer
cecster 5.15544cb A tool to perform security testing against the HDMI CEC (Consumer Electronics Control) and HEC (HDMI Ethernet Channel) protocols. scanner fuzzer
chipsec 2:1.3.6 Framework for analyzing the security of PC platforms including hardware, system firmware (BIOS/UEFI), and platform components. hardware binary forensic scanner fuzzer
choronzon 4.d702c31 An evolutionary knowledge-based fuzzer. fuzzer
cirt-fuzzer 1.0 A simple TCP/UDP protocol fuzzer. fuzzer
cisco-auditing-tool 1 Perl script which scans cisco routers for common vulnerabilities. Checks for default passwords, easily guessable community names, and the IOS history bug. Includes support for plugins and scanning multiple hosts. cracker fuzzer scanner
cmsfuzz 5.6be5a98 Fuzzer for wordpress, cold fusion, drupal, joomla, and phpnuke. webapp scanner fuzzer
conscan 1.2 A blackbox vulnerability scanner for the Concre5 CMS. fuzzer scanner webapp
cookie-cadger 1.08 An auditing tool for Wi-Fi or wired Ethernet connections. fuzzer scanner
crlf-injector 8.abaf494 A python script for testing CRLF injecting issues. fuzzer webapp
darkbing 0.1 A tool written in python that leverages bing for mining data on systems that may be susceptible to SQL injection. scanner fuzzer webapp
dhcpig 2:92.9fd8df5 Enhanced DHCPv4 and DHCPv6 exhaustion and fuzzing script written in python using scapy network library. scanner fuzzer dos
dizzy 2.0 A Python based fuzzing framework with many features. fuzzer networking
doona 142.710584f A fork of the Bruteforce Exploit Detector Tool (BED). fuzzer exploitation
dotdotpwn 3.0.2 The Transversal Directory Fuzzer exploitation fuzzer
dpscan 0.1 Drupal Vulnerabilty Scanner. scanner webapp fuzzer
dr-checker 137.d742943 A Soundy Vulnerability Detection Tool for Linux Kernel Drivers. exploitation fuzzer
drozer 2.4.4 A security testing framework for Android - Precompiled binary from official repository. mobile scanner fuzzer
dudley 16.ea14ca6 Block-based vulnerability fuzzing framework. fuzzer
easyfuzzer 3.6 A flexible fuzzer, not only for web, has a CSV output for efficient output analysis (platform independant). fuzzer webapp
faraday 6297.6ff72cce A new concept (IPE) Integrated Penetration-Test Environment a multiuser Penetration test IDE. Designed for distribution, indexation and analyze of the generated data during the process of a security audit. scanner exploitation fuzzer fingerprint automation misc
fhttp 1.3 This is a framework for HTTP related attacks. It is written in Perl with a GTK interface, has a proxy for debugging and manipulation, proxy chaining, evasion rules, and more. webapp scanner fuzzer fingerprint dos
filebuster 55.e0aba68 An extremely fast and flexible web fuzzer. webapp fuzzer
filefuzz 1.0 A binary file fuzzer for Windows with several options. windows fuzzer
fimap 2:1.00 A little tool for local and remote file inclusion auditing and exploitation. fimap is a little python tool which can find, prepare, audit, exploit and even google automaticly for local and remote file inclusion bugs in webapps. exploitation fuzzer
firewalk 5.0 An active reconnaissance network security tool fuzzer scanner
flyr 76.4926ecc Block-based software vulnerability fuzzing framework. fuzzer
frisbeelite 1.2 A GUI-based USB device fuzzer. fuzzer
ftester 1.0 A tool designed for testing firewall filtering policies and Intrusion Detection System (IDS) capabilities. fuzzer
ftp-fuzz 1:1337 The master of all master fuzzing scripts specifically targeted towards FTP server sofware. fuzzer
fuddly 465.ed17a0b Fuzzing and Data Manipulation Framework (for GNU/Linux). fuzzer
fusil 1.5 A Python library used to write fuzzing programs. fuzzer
fuzzball2 0.7 A little fuzzer for TCP and IP options. It sends a bunch of more or less bogus packets to the host of your choice. fuzzer
fuzzdb 404.ecb0850 Attack and Discovery Pattern Dictionary for Application Fault Injection Testing fuzzer
fuzzdiff 1.0 A simple tool designed to help out with crash analysis during fuzz testing. It selectively 'un-fuzzes' portions of a fuzzed file that is known to cause a crash, re-launches the targeted application, and sees if it still crashes. fuzzer
fuzztalk An XML driven fuzz testing framework that emphasizes easy extensibility and reusability. windows fuzzer
gloom 95.607162b Linux Penetration Testing Framework. scanner exploitation recon fuzzer social
greenbone-security-assistant 7.0.3 Greenbone Security Assistant (gsa) - OpenVAS web frontend scanner fuzzer exploitation
grr 17.791ed5a High-throughput fuzzer and emulator of DECREE binaries. fuzzer
hexorbase 2:6 A database application designed for administering and auditing multiple database servers simultaneously from a centralized location. It is capable of performing SQL queries and bruteforce attacks against common database servers (MySQL, SQLite, Microsoft SQL Server, Oracle, PostgreSQL). fuzzer scanner
hodor 1.01be107 A general-use fuzzer that can be configured to use known-good input and delimiters in order to fuzz specific locations. fuzzer
honggfuzz 1.7 A general-purpose fuzzer with simple, command-line interface. fuzzer hardware
http-fuzz 1:0.1 A simple http fuzzer. fuzzer
httpforge 11.02.01 A set of shell tools that let you manipulate, send, receive, and analyze HTTP messages. These tools can be used to test, discover, and assert the security of Web servers, apps, and sites. An accompanying Python library is available for extensions. webapp scanner fuzzer recon
hwk 0.4 Collection of packet crafting and wireless network flooding tools dos fuzzer scanner wireless
ifuzz 1.0 A binary file fuzzer with several options. fuzzer
ikeprober 1.12 Tool crafting IKE initiator packets and allowing many options to be manually set. Useful to find overflows, error conditions and identifiyng vendors fuzzer
inguma 0.1.1 A free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler. cracker disassembler exploitation fuzzer scanner
isip 2.fad1f10 Interactive sip toolkit for packet manipulations, sniffing, man in the middle attacks, fuzzing, simulating of dos attacks. voip networking fuzzer dos
jbrofuzz 2.5 Web application protocol fuzzer that emerged from the needs of penetration testing. fuzzer
joomlavs 254.eea7500 A black box, Ruby powered, Joomla vulnerability scanner. webapp scanner fuzzer
jsql-injection 0.81 A Java application for automatic SQL database injection. webapp exploitation fuzzer
kitty 321.f19e811 Fuzzing framework written in python. fuzzer
kitty-framework 321.f19e811 Fuzzing framework written in python. fuzzer
leviathan 35.a1a1d8c A mass audit toolkit which has wide range service discovery, brute force, SQL injection detection and running custom exploit capabilities. scanner cracker webapp fuzzer exploitation
lfi-autopwn 3.0 A Perl script to try to gain code execution on a remote server via LFI exploitation fuzzer
lfi-fuzzploit 1.1 A simple tool to help in the fuzzing for, finding, and exploiting of local file inclusion vulnerabilities in Linux-based PHP applications. webapp fuzzer exploitation
lfi-scanner 4.0 This is a simple perl script that enumerates local file inclusion attempts when given a specific target. scanner fuzzer webapp
lfi-sploiter 1.0 This tool helps you exploit LFI (Local File Inclusion) vulnerabilities. Post discovery, simply pass the affected URL and vulnerable parameter to this tool. You can also use this tool to scan a URL for LFI vulnerabilities. webapp fuzzer exploitation
lfimap 6.0edee6d This script is used to take the highest beneficts of the local file include vulnerability in a webserver. webapp fuzzer
liffy 65.8011cdd A Local File Inclusion Exploitation tool. webapp exploitation fuzzer
littleblackbox 0.1.3 Penetration testing tool, search in a collection of thousands of private SSL keys extracted from various embedded devices. scanner fuzzer crypto
maligno 2.5 An open source penetration testing tool written in python, that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. scanner fuzzer exploitation
malybuzz 1.0 A Python tool focused in discovering programming faults in network software. fuzzer
mdk3 v6 WLAN penetration tool wireless fuzzer
mdk4 29.002f64a Proof-of-Concept tool to exploit common IEEE 802.11 protocol weaknesses. wireless fuzzer
melkor 1.0 An ELF fuzzer that mutates the existing data in an ELF sample given to create orcs (malformed ELFs), however, it does not change values randomly (dumb fuzzing), instead, it fuzzes certain metadata with semi-valid values through the use of fuzzing rules (knowledge base). fuzzer binary
metasploit 4.17.26 Advanced open-source platform for developing, testing, and using exploit code exploitation fuzzer scanner recon networking
mongoaudit 217.c03c68a A powerful MongoDB auditing and pentesting tool . scanner fuzzer
nemesis 194.0123747 command-line network packet crafting and injection utility networking fuzzer spoof
network-app-stress-tester 19.df75391 Network Application Stress Testing Yammer. dos networking fuzzer
netzob 1.0.2 An open source tool for reverse engineering, traffic generation and fuzzing of communication protocols. reversing fuzzer networking
nikto 2.1.6 A web server scanner which performs comprehensive tests against web servers for multiple items scanner webapp fuzzer
nili 36.97f75f4 Tool for Network Scan, Man in the Middle, Protocol Reverse Engineering and Fuzzing. scanner reversing fuzzer
nimbostratus 54.c7c206f Tools for fingerprintinging and exploiting Amazon cloud infrastructures. fingerprint exploitation fuzzer
notspikefile 1:0.1 A Linux based file format fuzzing tool fuzzer
nsoq 1.9.5 A Network Security Tool for packet manipulation that allows a large number of options. networking scanner fuzzer
oat 1.3.1 A toolkit that could be used to audit security within Oracle database servers. fuzzer
ohrwurm 0.1 A small and simple RTP fuzzer. fuzzer
openvas-cli 1.4.5 The OpenVAS Command-Line Interface scanner fuzzer exploitation
openvas-libraries 9.0.2 The OpenVAS libraries scanner fuzzer exploitation
openvas-manager 7.0.3 A layer between the OpenVAS Scanner and various client applications scanner fuzzer exploitation
openvas-scanner 5.1.3 The OpenVAS scanning Daemon scanner fuzzer exploitation
oscanner 1.0.6 An Oracle assessment framework developed in Java. fuzzer
owtf 1017.0bbeea1 The Offensive (Web) Testing Framework. webapp automation scanner fuzzer
pappy-proxy 77.e1bb049 An intercepting proxy for web application testing. webapp proxy scanner fuzzer recon
peach 3.0.202 A SmartFuzzer that is capable of performing both generation and mutation based fuzzing. fuzzer
peach-fuzz 55.404e8ee Simple vulnerability scanning framework. fuzzer code-audit
pentbox 1.8 A security suite that packs security and stability testing oriented tools for networks and systems. fuzzer scanner
pmcma 1.00 Automated exploitation of invalid memory writes (being them the consequences of an overflow in a writable section, of a missing format string, integer overflow, variable misuse, or any other type of memory corruption). exploitation automation fuzzer
portmanteau 1.0 An experimental unix driver IOCTL security tool that is useful for fuzzing and discovering device driver attack surface. fuzzer
powerfuzzer 1_beta Powerfuzzer is a highly automated web fuzzer based on many other Open Source fuzzers available (incl. cfuzzer, fuzzled, fuzzer.pl, jbrofuzz, webscarab, wapiti, Socket Fuzzer). It can detect XSS, Injections (SQL, LDAP, commands, code, XPATH) and others. fuzzer
pret 81.4f3820a Printer Exploitation Toolkit - The tool that made dumpster diving obsolete. exploitation fuzzer recon scanner
profuzz 9.aa6dded Simple PROFINET fuzzer based on Scapy. fuzzer
pulsar 42.18b35db Protocol Learning and Stateful Fuzzing. fuzzer
pyersinia 49.73f4056 Network attack tool like yersinia but written in Python. networking fuzzer dos voip scanner exploitation
pyjfuzz 140.c8e5fff Python JSON Fuzzer. fuzzer
pytbull 2.1 A python based flexible IDS/IPS testing framework shipped with more than 300 tests. scanner fuzzer
qark 144.8f7cd41 Tool to look for several security related Android application vulnerabilities. mobile fuzzer scanner exploitation
ratproxy 1.58 A passive web application security assessment tool fuzzer proxy scanner webapp
responder 2:201.0bdc183 A LLMNR and NBT-NS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. scanner fuzzer spoof networking
responder-multirelay 326.38e721d A LLMNR and NBT-NS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2 (multirelay version), scanner fuzzer spoof networking
s3-fuzzer 4.0a2a6f0 A concurrent, command-line AWS S3 Fuzzer. fuzzer
sandsifter 2.8375e61 The x86 processor fuzzer. fuzzer hardware
sb0x 19.04f40fe A simple and Lightweight framework for Penetration testing. scanner fuzzer cracker backdoor recon
scout2 1182.5d86d46 Security auditing tool for AWS environments. scanner fuzzer
sfuzz 0.7.0 A simple fuzzer. fuzzer
shortfuzzy 0.1 A web fuzzing script written in perl. webapp fuzzer scanner
skipfish 2.10b A fully automated, active web application security reconnaissance tool fuzzer scanner webapp
sloth-fuzzer 39.9f7f59a A smart file fuzzer. fuzzer
smartphone-pentest-framework 104.fc45347 Repository for the Smartphone Pentest Framework (SPF). mobile scanner fuzzer
smbexec 1:148.7827616 A rapid psexec style attack with samba tools. scanner recon fuzzer exploitation
smod 53.7eb8423 A modular framework with every kind of diagnostic and offensive feature you could need in order to pentest modbus protocol. scanner fuzzer recon dos
smtp-fuzz 1.0 Simple smtp fuzzer. fuzzer
smtptx 1.0 A very simple tool used for sending simple email and do some basic email testing from a pentester perspective. scanner fuzzer
sn00p 0.8 A modular tool written in bourne shell and designed to chain and automate security tools and tests. automation scanner recon fingerprint networking fuzzer exploitation
snmp-fuzzer 0.1.1 SNMP fuzzer uses Protos test cases with an entirely new engine written in Perl. fuzzer networking
soapui 5.4.0 The Swiss-Army Knife for SOAP Testing. proxy fuzzer
socketfuzz 26.089add2 Simple socket fuzzer. fuzzer
spaf 11.671a976 Static Php Analysis and Fuzzer. webapp fuzzer code-audit
spartan 23.babdd7d TCHunt-ng attempts to reveal encrypted files stored on a filesystem. The program is successful in finding TrueCrypt, VeraCrypt, CipherShed containers, EncFS encrypted files, PGP/GPG encrypted messages, OpenSSH and PEM private keys, password databases, and files made up of random data. fingerprint fuzzer
spiderpig-pdffuzzer 0.1 A javascript pdf fuzzer fuzzer
spike 2.9 IMMUNITYsec's fuzzer creation kit in C fuzzer
sploitego 153.d9568dc Maltego Penetration Testing Transforms. fuzzer scanner
sps 4.3 A Linux packet crafting tool. Supports IPv4, IPv6 including extension headers, and tunneling IPv6 over IPv4. networking dos fuzzer
sqlbrute 1.0 Brute forces data out of databases using blind SQL injection. fuzzer webapp
sqlmap 1.2.12 Automatic SQL injection and database takeover tool webapp exploitation fuzzer
sqlninja 0.2.999 A tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. exploitation fuzzer webapp
sulley 3:1.0.e72d343 A pure-python fully automated and unattended fuzzing framework. fuzzer
taof 0.3.2 Taof is a GUI cross-platform Python generic network protocol fuzzer. fuzzer
tcpcontrol-fuzzer 2:0.1 2^6 TCP control bit fuzzer (no ECN or CWR). fuzzer networking
tcpjunk 2.9.03 A general tcp protocols testing and hacking utility. exploitation fuzzer
termineter 0.1.0 Smart meter testing framework fuzzer
tftp-fuzz 1:1337 Master TFTP fuzzing script as part of the ftools series of fuzzers. fuzzer
thefuzz 160.b4c2c80 CLI fuzzing tool. fuzzer
tlsfuzzer 696.0a4124c SSL and TLS protocol test suite and fuzzer. crypto fuzzer
trinity 5109.1751b2bd A Linux System call fuzzer. fuzzer
udsim 23.35c1710 A graphical simulator that can emulate different modules in a vehicle and respond to UDS request. scanner fuzzer automobile
umap 25.3ad8121 The USB host security assessment tool. scanner fuzzer
uniofuzz 2:1337 The universal fuzzing tool for browsers, web services, files, programs and network services/ports fuzzer
uniscan 6.3 A simple Remote File Include, Local File Include and Remote Command Execution vulnerability scanner. fuzzer scanner webapp
upnp-pentest-toolkit 1.1 UPnP Pentest Toolkit for Windows. windows scanner recon fuzzer
uppwn 9.f69dec4 A script that automates detection of security flaws on websites' file upload systems'. webapp fuzzer
vane 1898.872a1c2 A vulnerability scanner which checks the security of WordPress installations using a black box approach. scanner webapp fuzzer
vbscan 1:31.9383a39 A black box vBulletin vulnerability scanner written in perl. webapp fuzzer scanner
viproy-voipkit 1:78.54542b3 VoIP Pen-Test Kit for Metasploit Framework exploitation fuzzer scanner
vsaudit 21.2cbc47b VOIP Security Audit Framework. voip scanner fuzzer
vulscan 2.0 A module which enhances nmap to a vulnerability scanner scanner fuzzer
w3af 1.6.49 Web Application Attack and Audit Framework. fuzzer scanner webapp
wafninja 25.379cd98 A tool which contains two functions to attack Web Application Firewalls. webapp fuzzer
wafpass 44.624ac65 Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF. webapp fuzzer
wapiti 3.0.1 A vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, LDAP injections, CRLF injections... fuzzer scanner webapp
webscarab 20120422.001828 Framework for analysing applications that communicate using the HTTP and HTTPS protocols fuzzer proxy scanner webapp
webshag 1.10 A multi-threaded, multi-platform web server audit tool. fuzzer scanner webapp
websploit 3.0.0 An Open Source Project For, Social Engineering Works, Scan, Crawler & Analysis Web, Automatic Exploiter, Support Network Attacks exploitation fuzzer scanner social
webxploiter 56.c03fe6b An OWASP Top 10 Security scanner. webapp exploitation fuzzer scanner
wfuzz 631.dacdb37 Utility to bruteforce web applications to find their not linked resources. fuzzer webapp
witchxtool 1.1 A perl script that consists of a port scanner, LFI scanner, MD5 bruteforcer, dork SQL injection scanner, fresh proxy scanner, and a dork LFI scanner. webapp scanner exploitation fuzzer
wpscan 1:3.4.0 Black box WordPress vulnerability scanner webapp fuzzer scanner
wsfuzzer 1.9.5 A Python tool written to automate SOAP pentesting of web services. fuzzer webapp
xsser 2:1.7 A penetration testing tool for detecting and exploiting XSS vulnerabilites. webapp fuzzer exploitation
xsss 0.40b A brute force cross site scripting scanner. webapp fuzzer scanner
xssscan 1:17.7f1ea90 Command line tool for detection of XSS attacks in URLs. Based on ModSecurity rules from OWASP CRS. webapp scanner fuzzer
xsssniper 0.9 An automatic XSS discovery tool webapp fuzzer
yawast 548.9eec969 The YAWAST Antecedent Web Application Security Toolkit. webapp scanner fuzzer
zaproxy 2.7.0 Integrated penetration testing tool for finding vulnerabilities in web applications webapp fuzzer proxy
zzuf 0.15 Transparent application input fuzzer. fuzzer