Fuzzing
Browse 42 fuzzing tools
FEATURED
Offensive security platform for attack surface discovery and risk management
Offensive security platform for attack surface discovery and risk management
All-in-one offensive security platform for attack surface mgmt & risk scoring
All-in-one offensive security platform for attack surface mgmt & risk scoring
AI-driven API pentesting platform with schema-aware testing and fuzzing
AI-driven API pentesting platform with schema-aware testing and fuzzing
Web app vulnerability scanner with continuous scanning and authenticated testing
Web app vulnerability scanner with continuous scanning and authenticated testing
Dynamic API vulnerability scanner with payload-based testing and fuzzing
Dynamic API vulnerability scanner with payload-based testing and fuzzing
DAST tool that scans live web apps to detect vulnerabilities in real-time
DAST tool that scans live web apps to detect vulnerabilities in real-time
Platform for offensive security operations including ASM, VA, and DAST
Platform for offensive security operations including ASM, VA, and DAST
Black box fuzzer and DAST tool for testing application security
Black box fuzzer and DAST tool for testing application security
EvoMaster is an AI-driven tool that automatically generates system-level test cases for web APIs and enterprise applications using evolutionary algorithms and dynamic program analysis.
EvoMaster is an AI-driven tool that automatically generates system-level test cases for web APIs and enterprise applications using evolutionary algorithms and dynamic program analysis.
An AI-powered wrapper for ffuf that automatically suggests relevant file extensions for web fuzzing based on target URL analysis and response headers.
An AI-powered wrapper for ffuf that automatically suggests relevant file extensions for web fuzzing based on target URL analysis and response headers.
A Python-based tool that automates the identification and exploitation of file inclusion and directory traversal vulnerabilities in web applications.
A Python-based tool that automates the identification and exploitation of file inclusion and directory traversal vulnerabilities in web applications.
A collection of payloads and methodologies for web pentesting.
A collection of Local File Inclusion (LFI) vulnerability tests and exploitation techniques designed for use with Burp Suite.
A collection of Local File Inclusion (LFI) vulnerability tests and exploitation techniques designed for use with Burp Suite.
qsfuzz is a rule-based fuzzing tool for testing query string parameters in web applications to identify security vulnerabilities.
qsfuzz is a rule-based fuzzing tool for testing query string parameters in web applications to identify security vulnerabilities.
A powerful tool for identifying and exploiting Cross-Site Scripting (XSS) vulnerabilities.
A powerful tool for identifying and exploiting Cross-Site Scripting (XSS) vulnerabilities.
BlackWidow is a Python-based web application scanner that combines OSINT gathering with automated fuzzing to identify OWASP vulnerabilities in target websites.
BlackWidow is a Python-based web application scanner that combines OSINT gathering with automated fuzzing to identify OWASP vulnerabilities in target websites.
A GitHub repository for fuzzing and testing file formats
DOMdig is a DOM XSS scanner that uses static analysis, dynamic analysis, and fuzz testing to detect and exploit Cross-Site Scripting vulnerabilities in Single Page Applications.
DOMdig is a DOM XSS scanner that uses static analysis, dynamic analysis, and fuzz testing to detect and exploit Cross-Site Scripting vulnerabilities in Single Page Applications.
A directory traversal fuzzer for finding and exploiting directory traversal vulnerabilities.
A directory traversal fuzzer for finding and exploiting directory traversal vulnerabilities.
Fuzzilli is a JavaScript engine fuzzer that helps identify vulnerabilities in JavaScript engines.
Fuzzilli is a JavaScript engine fuzzer that helps identify vulnerabilities in JavaScript engines.
A fast and flexible web fuzzer for identifying vulnerabilities in web applications
A fast and flexible web fuzzer for identifying vulnerabilities in web applications
