Packages that use the fuzz testing principle, ie 'throwing' random inputs at the subject to see what happens.
Tool count: 234
Name | Version | Description | Category | Website |
---|---|---|---|---|
0d1n | 1:263.2d723ae | Web security tool to make fuzzing at HTTP inputs, made in C with libCurl. | webapp fuzzer scanner | |
abuse-ssl-bypass-waf | 7.c28f98e | Bypassing WAF by abusing SSL/TLS Ciphers. | webapp fuzzer | |
afl | 2.57b | Security-oriented fuzzer using compile-time instrumentation and genetic algorithms | fuzzer binary | |
aflplusplus | 1:v4.20c.r16.gad0d0c77 | American Fuzzing Lop fuzzer with community patches and additional features. | fuzzer | |
aggroargs | 51.c032446 | Bruteforce commandline buffer overflows, linux, aggressive arguments. | exploitation fuzzer | |
ajpfuzzer | 0.6 | A command-line fuzzer for the Apache JServ Protocol (ajp13). | fuzzer | |
astra | 489.092804a | Automated Security Testing For REST API's. | webapp fuzzer | |
atlas | 7.77bd6c8 | Open source tool that can suggest sqlmap tampers to bypass WAF/IDS/IPS. | webapp fuzzer | |
atscan | 2461.06521a9 | Server, Site and Dork Scanner. | scanner webapp fuzzer exploitation automation | |
backfuzz | 1:1.b0648de | A network protocol fuzzing toolkit. | fuzzer networking | |
bbscan | 52.6731879 | A tiny Batch weB vulnerability Scanner. | webapp scanner fuzzer | |
bfuzz | 60.fdaefc0 | Input based fuzzer tool for browsers. | fuzzer | |
bing-lfi-rfi | 0.1 | This is a python script for searching Bing for sites that may have local and remote file inclusion vulnerabilities. | webapp scanner fuzzer | |
birp | 65.b2e108a | A tool that will assist in the security assessment of mainframe applications served over TN3270. | scanner recon fuzzer | |
bluebox-ng | 1:1.1.0 | A GPL VoIP/UC vulnerability scanner. | voip scanner fuzzer | |
boofuzz | v0.4.2.r23.g85cb79f | fuzzer | ||
browser-fuzzer | 3 | Browser Fuzzer 3 | fuzzer | |
brutexss | 54.ba753df | Cross-Site Scripting Bruteforcer. | webapp fuzzer | |
bss | 0.8 | Bluetooth stack smasher / fuzzer | bluetooth fuzzer scanner | |
bt_audit | 0.1.1 | Bluetooth audit | bluetooth fuzzer | |
bunny | 0.93 | A closed loop, high-performance, general purpose protocol-blind fuzzer for C programs. | fuzzer | |
burpsuite | 1:2024.11.1 | An integrated platform for attacking web applications (free edition). | fuzzer proxy scanner webapp | |
cantoolz | 1:425.82d330b | Framework for black-box CAN network analysis https://asintsov.blogspot.de/. | automobile recon fuzzer scanner | |
capfuzz | 34.97ac312 | Capture, fuzz and intercept web traffic. | sniffer fuzzer | |
cecster | 5.15544cb | A tool to perform security testing against the HDMI CEC (Consumer Electronics Control) and HEC (HDMI Ethernet Channel) protocols. | scanner fuzzer | |
chipsec | 4:2253.b34fd4f4 | Framework for analyzing the security of PC platforms including hardware, system firmware (BIOS/UEFI), and platform components. | hardware binary forensic scanner fuzzer | |
choronzon | 4.d702c31 | An evolutionary knowledge-based fuzzer. | fuzzer | |
cirt-fuzzer | 1.0 | A simple TCP/UDP protocol fuzzer. | fuzzer | |
cisco-auditing-tool | 1 | Perl script which scans cisco routers for common vulnerabilities. Checks for default passwords, easily guessable community names, and the IOS history bug. Includes support for plugins and scanning multiple hosts. | cracker fuzzer scanner | |
cmsfuzz | 5.6be5a98 | Fuzzer for wordpress, cold fusion, drupal, joomla, and phpnuke. | webapp scanner fuzzer | |
conscan | 1.2 | A blackbox vulnerability scanner for the Concre5 CMS. | fuzzer scanner webapp | |
cookie-cadger | 1.08 | An auditing tool for Wi-Fi or wired Ethernet connections. | fuzzer scanner | |
crackql | 1.0.r53.gac26a44 | GraphQL password brute-force and fuzzing utility | webapp exploitation fuzzer | |
crlf-injector | 9.bd6db06 | A python script for testing CRLF injecting issues. | fuzzer webapp | |
dalfox | 1500.2de3dd9 | Parameter Analysis and XSS Scanning tool. | webapp fuzzer | |
darkbing | 0.1 | A tool written in python that leverages bing for mining data on systems that may be susceptible to SQL injection. | scanner fuzzer webapp | |
dharma | 98.6b1e511 | Generation-based, context-free grammar fuzzer. | fuzzer | |
dhcpig | 2:110.f037788 | Enhanced DHCPv4 and DHCPv6 exhaustion and fuzzing script written in python using scapy network library. | scanner fuzzer dos | |
dizzy | 2.0 | A Python based fuzzing framework with many features. | fuzzer networking | |
domato | 133.fadff39 | DOM fuzzer. | fuzzer | |
doona | 145.7a4796c | A fork of the Bruteforce Exploit Detector Tool (BED). | fuzzer exploitation | |
dotdotpwn | 3.0.2 | The Transversal Directory Fuzzer | exploitation fuzzer | |
dpscan | 0.1 | Drupal Vulnerabilty Scanner. | scanner webapp fuzzer | |
dr-checker | 140.ea63c0f | A Soundy Vulnerability Detection Tool for Linux Kernel Drivers. | exploitation fuzzer | |
drozer | 2.4.4 | A security testing framework for Android - Precompiled binary from official repository. | mobile scanner fuzzer | |
dudley | 16.ea14ca6 | Block-based vulnerability fuzzing framework. | fuzzer | |
easyfuzzer | 3.6 | A flexible fuzzer, not only for web, has a CSV output for efficient output analysis (platform independant). | fuzzer webapp | |
faraday | 9269.4625bd369 | A new concept (IPE) Integrated Penetration-Test Environment a multiuser Penetration test IDE. Designed for distribution, indexation and analyze of the generated data during the process of a security audit. | scanner exploitation fuzzer fingerprint automation misc | |
faradaysec | 12753.f8535178a | Collaborative Penetration Test and Vulnerability Management Platform. | scanner exploitation fuzzer fingerprint automation misc | |
fdsploit | 26.4522f53 | A File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool. | webapp fuzzer exploitation | |
feroxbuster | 1:v2.11.0.r1.g3b0e530 | A fast, simple, recursive content discovery tool written in Rust. | webapp scanner fuzzer | |
ffuf | 1:v2.1.0.r3.gde9ac86 | Fast web fuzzer written in Go. | webapp fuzzer | |
fhttp | 1.3 | This is a framework for HTTP related attacks. It is written in Perl with a GTK interface, has a proxy for debugging and manipulation, proxy chaining, evasion rules, and more. | webapp scanner fuzzer fingerprint dos | |
filebuster | 95.f2b04c7 | An extremely fast and flexible web fuzzer. | webapp fuzzer | |
filefuzz | 1.0 | A binary file fuzzer for Windows with several options. | windows fuzzer | |
fimap | 2:1.00 | A little tool for local and remote file inclusion auditing and exploitation. fimap is a little python tool which can find, prepare, audit, exploit and even google automaticly for local and remote file inclusion bugs in webapps. | exploitation fuzzer | |
firewalk | 5.0 | An active reconnaissance network security tool | fuzzer scanner | |
flyr | 76.4926ecc | Block-based software vulnerability fuzzing framework. | fuzzer | |
fockcache | 10.3e7efa9 | Tool to make cache poisoning by trying X-Forwarded-Host and X-Forwarded-Scheme headers on web pages. | webapp fuzzer | |
frisbeelite | 1.2 | A GUI-based USB device fuzzer. | fuzzer | |
ftester | 1.0 | A tool designed for testing firewall filtering policies and Intrusion Detection System (IDS) capabilities. | fuzzer | |
ftp-fuzz | 1:1337 | The master of all master fuzzing scripts specifically targeted towards FTP server sofware. | fuzzer | |
fuddly | 569.fd2c4d0 | Fuzzing and Data Manipulation Framework (for GNU/Linux). | fuzzer | |
fusil | 1.5 | A Python library used to write fuzzing programs. | fuzzer | |
fuzzball2 | 0.7 | A little fuzzer for TCP and IP options. It sends a bunch of more or less bogus packets to the host of your choice. | fuzzer | |
fuzzdb | 475.5656ab2 | Attack and Discovery Pattern Dictionary for Application Fault Injection Testing | fuzzer | |
fuzzdiff | 1.0 | A simple tool designed to help out with crash analysis during fuzz testing. It selectively 'un-fuzzes' portions of a fuzzed file that is known to cause a crash, re-launches the targeted application, and sees if it still crashes. | fuzzer | |
fuzzowski | 41.e39f665 | A Network Protocol Fuzzer made by NCCGroup based on Sulley and BooFuzz. | fuzzer networking | |
fuzztalk | 1.0.0.0 | An XML driven fuzz testing framework that emphasizes easy extensibility and reusability. | windows fuzzer | |
gloom | 1:93.cd6e927 | Linux Penetration Testing Framework. | scanner exploitation recon fuzzer social | |
goofuzz | 1.2.5.r2.g6ba4cc5 | A Bash script that uses advanced Google search techniques to obtain sensitive information in files or directories without making requests to the web server. | fuzzer recon scanner | |
grammarinator | 373.f5de911 | A random test generator / fuzzer that creates test cases according to an input ANTLR v4 grammar. | fuzzer misc | |
graphql-path-enum | 23.5450280 | Tool that lists the different ways of reaching a given type in a GraphQL schema. | webapp exploitation fuzzer | |
graphqlmap | 63.59305d7 | Scripting engine to interact with a graphql endpoint for pentesting purposes. | webapp exploitation fuzzer | |
greenbone-security-assistant | 9.0.1 | Greenbone Security Assistant (gsa) - OpenVAS web frontend | scanner fuzzer exploitation | |
grr | 17.791ed5a | High-throughput fuzzer and emulator of DECREE binaries. | fuzzer | |
gvmd | 8.0.1 | Greenbone Vulnerability Manager - The database backend for the Greenbone Vulnerability Management (GVM) framework | scanner fuzzer exploitation | |
hexorbase | 2:6 | A database application designed for administering and auditing multiple database servers simultaneously from a centralized location. It is capable of performing SQL queries and bruteforce attacks against common database servers (MySQL, SQLite, Microsoft SQL Server, Oracle, PostgreSQL). | fuzzer scanner | |
hodor | 1.01be107 | A general-use fuzzer that can be configured to use known-good input and delimiters in order to fuzz specific locations. | fuzzer | |
homepwn | 31.0803981 | Swiss Army Knife for Pentesting of IoT Devices. | scanner recon fuzzer exploitation | |
honggfuzz | 4113.c549b4c3 | A general-purpose fuzzer with simple, command-line interface. | fuzzer hardware | |
http-fuzz | 1:0.1 | A simple http fuzzer. | fuzzer | |
httpforge | 11.02.01 | A set of shell tools that let you manipulate, send, receive, and analyze HTTP messages. These tools can be used to test, discover, and assert the security of Web servers, apps, and sites. An accompanying Python library is available for extensions. | webapp scanner fuzzer recon | |
hwk | 0.4 | Collection of packet crafting and wireless network flooding tools | dos fuzzer scanner wireless | |
ifuzz | 1.0 | A binary file fuzzer with several options. | fuzzer | |
ikeprober | 1.12 | Tool crafting IKE initiator packets and allowing many options to be manually set. Useful to find overflows, error conditions and identifiyng vendors | fuzzer | |
inguma | 0.1.1 | A free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler. | cracker disassembler exploitation fuzzer scanner | |
injectus | 12.3c01fa0 | Simple python tool that goes through a list of URLs trying CRLF and open redirect payloads. | webapp scanner fuzzer | |
isip | 2.fad1f10 | Interactive sip toolkit for packet manipulations, sniffing, man in the middle attacks, fuzzing, simulating of dos attacks. | voip networking fuzzer dos | |
jbrofuzz | 2.5 | Web application protocol fuzzer that emerged from the needs of penetration testing. | fuzzer | |
jok3r | 447.0761996 | Network and Web Pentest Framework. | webapp scanner fuzzer networking | |
joomlavs | 254.eea7500 | A black box, Ruby powered, Joomla vulnerability scanner. | webapp scanner fuzzer | |
jsql-injection | 0.101 | A Java application for automatic SQL database injection. | webapp exploitation fuzzer | |
kitty | 321.f19e811 | Fuzzing framework written in python. | fuzzer | |
kitty-framework | 352.cb07609 | Fuzzing framework written in python. | fuzzer | |
krbrelayx | 51.7c75a7c | Kerberos unconstrained delegation abuse toolkit. | scanner fuzzer spoof networking | |
leviathan | 35.a1a1d8c | A mass audit toolkit which has wide range service discovery, brute force, SQL injection detection and running custom exploit capabilities. | scanner cracker webapp fuzzer exploitation | |
lfi-autopwn | 3.0 | A Perl script to try to gain code execution on a remote server via LFI | exploitation fuzzer | |
lfi-fuzzploit | 1.1 | A simple tool to help in the fuzzing for, finding, and exploiting of local file inclusion vulnerabilities in Linux-based PHP applications. | webapp fuzzer exploitation | |
lfi-scanner | 4.0 | This is a simple perl script that enumerates local file inclusion attempts when given a specific target. | scanner fuzzer webapp | |
lfi-sploiter | 1.0 | This tool helps you exploit LFI (Local File Inclusion) vulnerabilities. Post discovery, simply pass the affected URL and vulnerable parameter to this tool. You can also use this tool to scan a URL for LFI vulnerabilities. | webapp fuzzer exploitation | |
lfimap | 1:283.5db3000 | This script is used to take the highest beneficts of the local file include vulnerability in a webserver. | webapp fuzzer | |
liffy | 1:33.89dd4f8 | A Local File Inclusion Exploitation tool. | webapp exploitation fuzzer | |
littleblackbox | 0.1.3 | Penetration testing tool, search in a collection of thousands of private SSL keys extracted from various embedded devices. | scanner fuzzer crypto | |
log4j-bypass | 33.f5c92f9 | Log4j web app tester that includes WAF bypasses. | webapp fuzzer scanner | |
log4j-scan | 88.07f7e32 | A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228. | webapp scanner fuzzer | |
logmepwn | 24.f257a8f | A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability. | scanner fuzzer | |
lorsrf | 1:v2.1.r3.g5c69453 | Find the parameters that can be used to find SSRF or Out-of-band resource load. | webapp scanner fuzzer | |
maligno | 2.5 | An open source penetration testing tool written in python, that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. | scanner fuzzer exploitation | |
malybuzz | 1.0 | A Python tool focused in discovering programming faults in network software. | fuzzer | |
manul | 197.f525df9 | A coverage-guided parallel fuzzer for open-source and blackbox binaries on Windows, Linux and MacOS. | fuzzer binary | |
mdk3 | v6 | WLAN penetration tool | wireless fuzzer | |
mdk4 | 4.2 | Proof-of-Concept tool to exploit common IEEE 802.11 protocol weaknesses. | wireless fuzzer | |
melkor | 1.0 | An ELF fuzzer that mutates the existing data in an ELF sample given to create orcs (malformed ELFs), however, it does not change values randomly (dumb fuzzing), instead, it fuzzes certain metadata with semi-valid values through the use of fuzzing rules (knowledge base). | fuzzer binary | |
metasploit | 6.4.36 | Advanced open-source platform for developing, testing, and using exploit code | exploitation fuzzer scanner recon networking | |
mitm6 | 33.8e75884 | Pwning IPv4 via IPv6. | scanner fuzzer spoof networking | |
mongoaudit | 222.70b83e8 | A powerful MongoDB auditing and pentesting tool . | scanner fuzzer | |
nemesis | 331.5aee868 | command-line network packet crafting and injection utility | networking fuzzer spoof | |
network-app-stress-tester | 19.df75391 | Network Application Stress Testing Yammer. | dos networking fuzzer | |
netzob | 1.0.2 | An open source tool for reverse engineering, traffic generation and fuzzing of communication protocols. | reversing fuzzer networking | |
nikto | 2.5.0 | A web server scanner which performs comprehensive tests against web servers for multiple items | scanner webapp fuzzer | |
nili | 39.285220a | Tool for Network Scan, Man in the Middle, Protocol Reverse Engineering and Fuzzing. | scanner reversing fuzzer | |
nimbostratus | 54.c7c206f | Tools for fingerprintinging and exploiting Amazon cloud infrastructures. | fingerprint exploitation fuzzer | |
notspikefile | 1:0.1 | A Linux based file format fuzzing tool | fuzzer | |
nsoq | 1.9.5 | A Network Security Tool for packet manipulation that allows a large number of options. | networking scanner fuzzer | |
nullscan | 1.0.1 | A modular framework designed to chain and automate security tests. | automation scanner recon fingerprint networking fuzzer exploitation | |
oat | 1.3.1 | A toolkit that could be used to audit security within Oracle database servers. | fuzzer | |
ohrwurm | 1.7a1182a | A small and simple RTP fuzzer. | fuzzer | |
openvas | 20241207 | The OpenVAS scanning Daemon | scanner fuzzer exploitation | |
openvas-cli | 1.4.5 | The OpenVAS Command-Line Interface | scanner fuzzer exploitation | |
openvas-libraries | 9.0.2 | The OpenVAS libraries | scanner fuzzer exploitation | |
openvas-manager | 7.0.3 | A layer between the OpenVAS Scanner and various client applications | scanner fuzzer exploitation | |
openvas-scanner | 22.4.0 | The OpenVAS scanning Daemon | scanner fuzzer exploitation | |
oscanner | 1.0.6 | An Oracle assessment framework developed in Java. | fuzzer | |
owtf | 2187.af993ecb | The Offensive (Web) Testing Framework. | webapp automation scanner fuzzer | |
pappy-proxy | 77.e1bb049 | An intercepting proxy for web application testing. | webapp proxy scanner fuzzer recon | |
parampampam | 45.9171018 | This tool for brute discover GET and POST parameters. | webapp fuzzer | |
peach | 3.0.202 | A SmartFuzzer that is capable of performing both generation and mutation based fuzzing. | fuzzer | |
peach-fuzz | 55.404e8ee | Simple vulnerability scanning framework. | fuzzer code-audit | |
pentbox | 1.8 | A security suite that packs security and stability testing oriented tools for networks and systems. | fuzzer scanner | |
pmcma | 1.00 | Automated exploitation of invalid memory writes (being them the consequences of an overflow in a writable section, of a missing format string, integer overflow, variable misuse, or any other type of memory corruption). | exploitation automation fuzzer | |
portmanteau | 1.0 | An experimental unix driver IOCTL security tool that is useful for fuzzing and discovering device driver attack surface. | fuzzer | |
powerfuzzer | 1_beta | Powerfuzzer is a highly automated web fuzzer based on many other Open Source fuzzers available (incl. cfuzzer, fuzzled, fuzzer.pl, jbrofuzz, webscarab, wapiti, Socket Fuzzer). It can detect XSS, Injections (SQL, LDAP, commands, code, XPATH) and others. | fuzzer | |
pret | 108.a04bd04 | Printer Exploitation Toolkit - The tool that made dumpster diving obsolete. | exploitation fuzzer recon scanner | |
profuzz | 9.aa6dded | Simple PROFINET fuzzer based on Scapy. | fuzzer | |
pulsar | 55.3c61178 | Protocol Learning and Stateful Fuzzing. | fuzzer | |
pureblood | 37.2c5ce07 | A Penetration Testing Framework created for Hackers / Pentester / Bug Hunter. | automation webapp scanner fuzzer | |
pyersinia | 49.73f4056 | Network attack tool like yersinia but written in Python. | networking fuzzer dos voip scanner exploitation | |
pyjfuzz | 157.f777067 | Python JSON Fuzzer. | fuzzer | |
pytbull | 19.3d82a54 | A python based flexible IDS/IPS testing framework shipped with more than 300 tests. | scanner fuzzer | |
qark | 301.ba1b265 | Tool to look for several security related Android application vulnerabilities. | mobile fuzzer scanner exploitation | |
radamsa | 0.7 | General purpose mutation based fuzzer | fuzzer | |
rapidscan | 221.296a20b | The Multi-Tool Web Vulnerability Scanner. | webapp scanner recon fingerprint fuzzer exploitation | |
ratproxy | 1.58 | A passive web application security assessment tool | fuzzer proxy scanner webapp | |
responder | 4:v3.1.5.0.r0.ge918fe0 | A LLMNR and NBT-NS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. | scanner fuzzer spoof networking | |
responder-multirelay | 1:360.24e7b7c | A LLMNR and NBT-NS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2 (multirelay version), | scanner fuzzer spoof networking | |
restler-fuzzer | 8:404.90c39b8 | First stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services. | webapp fuzzer | |
s3-fuzzer | 4.0a2a6f0 | A concurrent, command-line AWS S3 Fuzzer. | fuzzer | |
samesame | 68.a9bcd7b | Command line tool to generate crafty homograph strings. | fuzzer | |
sandsifter | 2.8375e61 | The x86 processor fuzzer. | fuzzer hardware | |
sb0x | 19.04f40fe | A simple and Lightweight framework for Penetration testing. | scanner fuzzer cracker backdoor recon | |
scout2 | 1182.5d86d46 | Security auditing tool for AWS environments. | scanner fuzzer | |
sfuzz | 200.e1b62bd | A simple fuzzer. | fuzzer | |
sharpfuzz | 1:v2.1.1.r9.g03a381c | AFL-based fuzz testing for .NET. | fuzzer windows | |
shortfuzzy | 0.1 | A web fuzzing script written in perl. | webapp fuzzer scanner | |
skipfish | 2.10b | A fully automated, active web application security reconnaissance tool | fuzzer scanner webapp | |
sloth-fuzzer | 39.9f7f59a | A smart file fuzzer. | fuzzer | |
smartphone-pentest-framework | 104.fc45347 | Repository for the Smartphone Pentest Framework (SPF). | mobile scanner fuzzer | |
smbexec | 2:59.a54fc14 | A rapid psexec style attack with samba tools. | scanner recon fuzzer exploitation | |
smod | 53.7eb8423 | A modular framework with every kind of diagnostic and offensive feature you could need in order to pentest modbus protocol. | scanner fuzzer recon dos | |
smtp-fuzz | 1.0 | Simple smtp fuzzer. | fuzzer | |
smtptx | 1.0 | A very simple tool used for sending simple email and do some basic email testing from a pentester perspective. | scanner fuzzer | |
sn00p | 0.8 | A modular tool written in bourne shell and designed to chain and automate security tools and tests. | automation scanner recon fingerprint networking fuzzer exploitation | |
snmp-fuzzer | 0.1.1 | SNMP fuzzer uses Protos test cases with an entirely new engine written in Perl. | fuzzer networking | |
soapui | 5.7.2 | The Swiss-Army Knife for SOAP Testing. | proxy fuzzer | |
socketfuzz | 26.089add2 | Simple socket fuzzer. | fuzzer | |
spaf | 11.671a976 | Static Php Analysis and Fuzzer. | webapp fuzzer code-audit | |
spartan | 23.babdd7d | TCHunt-ng attempts to reveal encrypted files stored on a filesystem. The program is successful in finding TrueCrypt, VeraCrypt, CipherShed containers, EncFS encrypted files, PGP/GPG encrypted messages, OpenSSH and PEM private keys, password databases, and files made up of random data. | fingerprint fuzzer | |
spiderpig-pdffuzzer | 0.1 | A javascript pdf fuzzer | fuzzer | |
spike | 2.9 | IMMUNITYsec's fuzzer creation kit in C | fuzzer | |
spike-fuzzer | 2.9 | IMMUNITYsec's fuzzer creation kit in C. | fuzzer | |
sploitego | 153.d9568dc | Maltego Penetration Testing Transforms. | fuzzer scanner | |
sps | 4.3 | A Linux packet crafting tool. Supports IPv4, IPv6 including extension headers, and tunneling IPv6 over IPv4. | networking dos fuzzer | |
sqlbrute | 1.0 | Brute forces data out of databases using blind SQL injection. | fuzzer webapp | |
sqlmap | 1.8.8 | Automatic SQL injection and database takeover tool | webapp exploitation fuzzer | |
sqlninja | 0.2.999 | A tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. | exploitation fuzzer webapp | |
sshfuzz | 1.0 | A SSH Fuzzing utility written in Perl that uses Net::SSH2. | fuzzer | |
ssrfmap | 115.36eb5a3 | Automatic SSRF fuzzer and exploitation tool. | webapp scanner fuzzer exploitation | |
stews | 1.0.0.r7.gc7bba5a | A Security Tool for Enumerating WebSockets. | webapp scanner fingerprint fuzzer | |
sulley | 4:1.0.bff0dd1 | A pure-python fully automated and unattended fuzzing framework. | fuzzer | |
taof | 0.3.2 | Taof is a GUI cross-platform Python generic network protocol fuzzer. | fuzzer | |
tcpcontrol-fuzzer | 2:0.1 | 2^6 TCP control bit fuzzer (no ECN or CWR). | fuzzer networking | |
tcpjunk | 2.9.03 | A general tcp protocols testing and hacking utility. | exploitation fuzzer | |
termineter | 210.a802f94 | Smart meter testing framework | fuzzer | |
tftp-fuzz | 1:1337 | Master TFTP fuzzing script as part of the ftools series of fuzzers. | fuzzer | |
thefuzz | 160.b4c2c80 | CLI fuzzing tool. | fuzzer | |
tlsfuzzer | 1839.2f576b6 | SSL and TLS protocol test suite and fuzzer. | crypto fuzzer | |
trinity | 5192.e7187245 | A Linux System call fuzzer. | fuzzer | |
udp-hunter | 4.b95cce5 | Network assessment tool for various UDP Services covering both IPv4 and IPv6 protocols. | scanner fuzzer fingerprint | |
udsim | 33.b379464 | A graphical simulator that can emulate different modules in a vehicle and respond to UDS request. | scanner fuzzer automobile | |
umap | 25.3ad8121 | The USB host security assessment tool. | scanner fuzzer | |
unifuzzer | 5.3385a3b | A fuzzing tool for closed-source binaries based on Unicorn and LibFuzzer. | fuzzer binary | |
uniofuzz | 2:1337 | The universal fuzzing tool for browsers, web services, files, programs and network services/ports | fuzzer | |
uniscan | 6.3 | A simple Remote File Include, Local File Include and Remote Command Execution vulnerability scanner. | fuzzer scanner webapp | |
upnp-pentest-toolkit | 1.1 | UPnP Pentest Toolkit for Windows. | windows scanner recon fuzzer | |
uppwn | 9.f69dec4 | A script that automates detection of security flaws on websites' file upload systems'. | webapp fuzzer | |
vane | 1899.48f9ab5 | A vulnerability scanner which checks the security of WordPress installations using a black box approach. | scanner webapp fuzzer | |
vbscan | 1:39.2b1ce48 | A black box vBulletin vulnerability scanner written in perl. | webapp fuzzer scanner | |
viproy-voipkit | 1:82.52b27db | VoIP Pen-Test Kit for Metasploit Framework | exploitation fuzzer scanner | |
vsaudit | 21.2cbc47b | VOIP Security Audit Framework. | voip scanner fuzzer | |
vulscan | 2.0 | A module which enhances nmap to a vulnerability scanner | scanner fuzzer | |
w13scan | 430.432b835 | Passive Security Scanner. | webapp scanner fuzzer | |
w3af | 1.6.49 | Web Application Attack and Audit Framework. | fuzzer scanner webapp | |
wafninja | 25.379cd98 | A tool which contains two functions to attack Web Application Firewalls. | webapp fuzzer | |
wafpass | 50.4211785 | Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF. | webapp fuzzer | |
wapiti | 3.2.2.r1.gf489f7cc | A vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, LDAP injections, CRLF injections... | fuzzer scanner webapp | |
webscarab | 20120422.001828 | Framework for analysing applications that communicate using the HTTP and HTTPS protocols | fuzzer proxy scanner webapp | |
webshag | 1.10 | A multi-threaded, multi-platform web server audit tool. | fuzzer scanner webapp | |
websploit | 4.0.4 | An Open Source Project For, Social Engineering Works, Scan, Crawler & Analysis Web, Automatic Exploiter, Support Network Attacks | exploitation fuzzer scanner social | |
webxploiter | 56.c03fe6b | An OWASP Top 10 Security scanner. | webapp exploitation fuzzer scanner | |
weirdaal | 331.c14e36d | AWS Attack Library. | webapp scanner fuzzer | |
wfuzz | 1155.1b695ee | Utility to bruteforce web applications to find their not linked resources. | fuzzer webapp | |
witchxtool | 1.1 | A perl script that consists of a port scanner, LFI scanner, MD5 bruteforcer, dork SQL injection scanner, fresh proxy scanner, and a dork LFI scanner. | webapp scanner exploitation fuzzer | |
wpscan | 1:3.8.26 | Black box WordPress vulnerability scanner | webapp fuzzer scanner | |
wsfuzzer | 1.9.5 | A Python tool written to automate SOAP pentesting of web services. | fuzzer webapp | |
xspear | 1:144.57bb7b4 | Powerfull XSS Scanning and Parameter analysis tool&gem. | webapp fuzzer | |
xss-freak | 17.e361766 | An XSS scanner fully written in Python3 from scratch. | webapp scanner fuzzer | |
xsser | 2:1.8 | A penetration testing tool for detecting and exploiting XSS vulnerabilites. | webapp fuzzer exploitation | |
xsss | 0.40b | A brute force cross site scripting scanner. | webapp fuzzer scanner | |
xssscan | 1:17.7f1ea90 | Command line tool for detection of XSS attacks in URLs. Based on ModSecurity rules from OWASP CRS. | webapp scanner fuzzer | |
xsssniper | 79.02b59af | An automatic XSS discovery tool | webapp fuzzer | |
yawast | 1:0.11.0 | The YAWAST Antecedent Web Application Security Toolkit. | webapp scanner fuzzer | |
zaproxy | 2.15.0 | Integrated penetration testing tool for finding vulnerabilities in web applications | webapp fuzzer proxy | |
zzuf | 0.15 | Transparent application input fuzzer. | fuzzer |