Fuzzing
Browse 42 fuzzing tools
FEATURED
ParamPamPam is an open-source tool that detects and exploits web application vulnerabilities using fuzzing, SQL injection, and XSS techniques.
ParamPamPam is an open-source tool that detects and exploits web application vulnerabilities using fuzzing, SQL injection, and XSS techniques.
OneFuzz is a self-hosted Fuzzing-As-A-Service platform developed by Microsoft that enables continuous developer-driven security testing through automated fuzzing capabilities.
OneFuzz is a self-hosted Fuzzing-As-A-Service platform developed by Microsoft that enables continuous developer-driven security testing through automated fuzzing capabilities.
SecLists is a comprehensive repository of security testing lists including usernames, passwords, URLs, fuzzing payloads, and web shells used during penetration testing and security assessments.
SecLists is a comprehensive repository of security testing lists including usernames, passwords, URLs, fuzzing payloads, and web shells used during penetration testing and security assessments.
A Go-based crash analysis tool that processes and reproduces crash files from fuzzing tools like AFL with multiple debugging engines and output formats.
A Go-based crash analysis tool that processes and reproduces crash files from fuzzing tools like AFL with multiple debugging engines and output formats.
A simple file format fuzzer for Android that can fuzz multiple readers at once
A simple file format fuzzer for Android that can fuzz multiple readers at once
FuzzDB is an open-source dictionary of attack patterns and predictable resource locations for dynamic application security testing and vulnerability discovery.
FuzzDB is an open-source dictionary of attack patterns and predictable resource locations for dynamic application security testing and vulnerability discovery.
App-Ray offers comprehensive security analysis and compliance solutions for mobile applications.
App-Ray offers comprehensive security analysis and compliance solutions for mobile applications.
Boofuzz is a network protocol fuzzing tool that aims to fuzz everything
An Android port of the Radamsa fuzzing tool compiled with Android NDK to support Android ABIs for security testing on mobile platforms.
An Android port of the Radamsa fuzzing tool compiled with Android NDK to support Android ABIs for security testing on mobile platforms.
A collection of security research tools from Google's Project Zero team for testing and analyzing iPhone messaging systems including SMS, iMessage, and IMAP protocols.
A collection of security research tools from Google's Project Zero team for testing and analyzing iPhone messaging systems including SMS, iMessage, and IMAP protocols.
A WebSocket Manipulation Proxy with a user interface to capture, intercept, and send custom messages for WebSocket and Socket.IO communications.
A WebSocket Manipulation Proxy with a user interface to capture, intercept, and send custom messages for WebSocket and Socket.IO communications.
PLC-side fuzzing tool for uncovering vulnerabilities in ICS control applications.
PLC-side fuzzing tool for uncovering vulnerabilities in ICS control applications.
A Burp Suite plugin for automatically adding XSS and SQL payload to fuzz
A Burp Suite plugin for automatically adding XSS and SQL payload to fuzz
An image with commonly used tools for creating a pentest environment easily and quickly, with detailed instructions for launching in a VPS.
An image with commonly used tools for creating a pentest environment easily and quickly, with detailed instructions for launching in a VPS.
A multi-threaded, feedback-driven evolutionary fuzzer that uses low-level process monitoring to discover security vulnerabilities in software applications.
A multi-threaded, feedback-driven evolutionary fuzzer that uses low-level process monitoring to discover security vulnerabilities in software applications.
A repository containing material for Android greybox fuzzing with AFL++ Frida mode
A repository containing material for Android greybox fuzzing with AFL++ Frida mode
