Fuzzer
The fabulous fuzzer project for software security: http://yogi.se.rit.edu/~swen-331/projects/fuzzer/
Project Team:
- CHRISTOFFER ROSEN cbr4830@rit.edu
- ISIOMA NNODUM iun4534@rit.edu
- SAMANTHA SHANDROW ses6421@rit.edu
Installation
- Clone this repository to an empty directory
- Install all dependencies - we recommend using
pip
Project Setup
- All input discovery functionality is in the discovery package.
- All fuzzing/test functinality is in the fuzzing package.
- All resources/files used are in the Resources directory.
Dependencies
- Python 2.7
- requests (
pip install requests
) - beautiful soup (
pip install beautifulsoup
)
Example usage for discovery:
With Custom Authentication
python fuzz.py discover http://127.0.0.1 --custom-auth=dvwa --common-words="Resources/pageNames.txt"
python fuzz.py discover http://127.0.0.1 --custom-auth=bodgeit --common-words="Resources/pageNames.txt"
No Custom Authentication
python fuzz.py discover http://127.0.0.1 --common-words="Resources/pageNames.txt"
Example Usage for Test
python fuzz.py test http://127.0.0.1 --common-words="resources/pageNames.txt" --vectors="resources/vectors.txt" --custom-auth=dvwa --sensitive="resources/sensitive.txt"