fuzzing

23 tools and resources

NEW

FDsploit Logo

FDsploit

0 (0)

A Python-based tool for identifying and exploiting file inclusion and directory traversal vulnerabilities in web applications.

Offensive Security
Free
appsecapparmorappsec-tooldirectory-traversalfile-inclusionfuzzingpenetration-testing
IntruderPayloads Logo

IntruderPayloads

0 (0)

A collection of payloads and methodologies for web pentesting.

Offensive Security
Free
burp-suitepayloadsfuzzingpentestingsecurity-testing
Burp-LFI-tests Logo

Burp-LFI-tests

0 (0)

A collection of tests for Local File Inclusion (LFI) vulnerabilities using Burp Suite.

Offensive Security
Free
appsecappsec-testingburp-suitefuzzinglfilocal-file-inclusion
qsfuzz Logo

qsfuzz

0 (0)

A tool to fuzz query strings and identify vulnerabilities

Malware Analysis
Free
appsecfuzzingvulnerability-detectionweb-app-securityweb-security
XSStrike Logo

XSStrike

0 (0)

A powerful tool for identifying and exploiting Cross-Site Scripting (XSS) vulnerabilities.

Malware Analysis
Free
xssxss-scannerfuzzingpayload-generation
fuzz.txt Logo

fuzz.txt

0 (0)

A GitHub repository for fuzzing and testing file formats

Malware Analysis
Free
malwarefile-analysisfuzzing
Razzer Logo

Razzer

0 (0)

A Kernel fuzzer focusing on race bugs

Digital Forensics
Free
fuzzingsecurity-testing
vaf Logo

vaf

0 (0)

A cross-platform web fuzzer written in Nim

Offensive Security
Free
fuzzingprotocol-analysissecurity-testing
Filebuster Logo

Filebuster

0 (0)

A fast and flexible web fuzzer for identifying vulnerabilities in web applications

Network Security
Free
web-app-securityfuzzingvulnerability-detectionweb-application-security
ParamPamPam Logo

ParamPamPam

0 (0)

A tool for detecting and exploiting vulnerabilities in web applications

Vulnerability Management
Free
appsecapp-securityfuzzingsql-injectionxssweb-app-security
ParamSpider Logo

ParamSpider

0 (0)

A tool for mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing

Offensive Security
Free
bug-bountybug-huntingfuzzingsecurity-researchweb-application-securityweb-scraping
OneFuzz Logo

OneFuzz

0 (0)

Self-hosted Fuzzing-As-A-Service platform for continuous developer-driven fuzzing.

Offensive Security
Free
fuzzingsecurity-testingdevsecops
SecLists Logo

SecLists

0 (0)

A comprehensive collection of security assessment lists for security testers.

Miscellaneous
Free
appsecbug-bountyfuzzingpentestsecurity-testingvulnerability-detection
AndroFuzz Logo

AndroFuzz

0 (0)

A simple file format fuzzer for Android that can fuzz multiple readers at once

Offensive Security
Free
fuzzingfile-formatsecurity-testing
App-Ray Logo

App-Ray

0 (0)

App-Ray offers comprehensive security analysis and compliance solutions for mobile applications.

Application Security
Free
appseccompliancedevopsfuzzingmobile-securitynetwork-securitysdksecurity-testingvulnerability-analysis
Boofuzz Logo

Boofuzz

0 (0)

Boofuzz is a network protocol fuzzing tool that aims to fuzz everything

Offensive Security
Free
fuzzinginstrumentation
Project Zero iPhone Messaging Tools Logo

Project Zero iPhone Messaging Tools

0 (0)

Repository of tools for testing iPhone messaging by Project Zero

Offensive Security
Free
blue-teambug-bountybug-huntingfuzzingsecurity-testingvulnerability-research
ffuf Logo

ffuf

0 (0)

Fast web fuzzer written in Go

Honeypots
Free
gofuzzinghttphttpsftp
WSSiP Logo

WSSiP

0 (0)

A WebSocket Manipulation Proxy with a user interface to capture, intercept, and send custom messages for WebSocket and Socket.IO communications.

Network Security
Free
websocketproxyfuzzingsecurity-testingdebugging
ICSFuzz Logo

ICSFuzz

0 (0)

PLC-side fuzzing tool for uncovering vulnerabilities in ICS control applications.

Miscellaneous
Free
icsfuzzingplc
Xss-Sql-Fuzz Logo

Xss-Sql-Fuzz

0 (0)

A Burp Suite plugin for automatically adding XSS and SQL payload to fuzz

Malware Analysis
Free
burp-suitefuzzingxsssql-injectionpayload-generation
Offensive Docker Logo

Offensive Docker

0 (0)

An image with commonly used tools for creating a pentest environment easily and quickly, with detailed instructions for launching in a VPS.

Offensive Security
Free
pentestdockerreconport-scanningweb-scanningfuzzingbrute-forceforensic-analysis
Android greybox fuzzing with AFL++ Frida mode Logo

Android greybox fuzzing with AFL++ Frida mode

0 (0)

A repository containing material for Android greybox fuzzing with AFL++ Frida mode

Offensive Security
Free
fuzzingfrida