fuzzer
There are 392 repositories under fuzzer topic.
ffuf/ffuf
Fast web fuzzer written in Go
maurosoria/dirsearch
Web path scanner
TheKingOfDuck/fuzzDicts
You Know, For WEB Fuzzing ! 日站用的字典。
AFLplusplus/AFLplusplus
The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
google/syzkaller
syzkaller is an unsupervised coverage-guided kernel fuzzer
antonio-morales/Fuzzing101
An step by step fuzzing tutorial. A GitHub Security Lab initiative
crytic/echidna
Ethereum smart contract fuzzer
1N3/BlackWidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
0vercl0k/wtf
wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows and Linux user-mode (experimental!).
Endava/cats
CATS is a REST API Fuzzer and negative testing tool for OpenAPI endpoints. CATS automatically generates, runs and reports tests with minimum configuration and no coding effort. Tests are self-healing and do not require maintenance.
m4n3dw0lf/pythem
pentest framework
CodeIntelligenceTesting/jazzer
Coverage-guided, in-process fuzzing for the JVM
wireghoul/dotdotpwn
DotDotPwn - The Directory Traversal Fuzzer
AngoraFuzzer/Angora
Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.
f4pga/prjxray
Documenting the Xilinx 7-series bit-stream format.
Fuzzapi/fuzzapi
Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem
MozillaSecurity/funfuzz
A collection of fuzzers in a harness for testing the SpiderMonkey JavaScript engine.
hfiref0x/NtCall64
Windows NT x64 syscall fuzzer
WebFuzzing/EvoMaster
The first open-source AI-driven tool for automatically generating system-level test cases (also known as fuzzing) for web/enterprise applications. Currently targeting whitebox and blackbox testing of Web APIs, like REST, GraphQL and RPC (e.g., gRPC and Thrift).
fuzzitdev/jsfuzz
coverage guided fuzz testing for javascript
tlsfuzzer/tlsfuzzer
SSL and TLS protocol test suite and fuzzer
liamg/scout
🔭 Lightweight URL fuzzer and spider: Discover a web server's undisclosed files, directories and VHOSTs
matusf/openapi-fuzzer
Black-box fuzzer that fuzzes APIs based on OpenAPI specification. Find bugs for free!
prompt-security/ps-fuzz
Make your GenAI Apps Safe & Secure :rocket: Test & harden your system prompt
MozillaSecurity/dharma
Generation-based, context-free grammar fuzzer. Refer to https://github.com/posidron/dharma for a maintained version.
rust-fuzz/honggfuzz-rs
Fuzz your Rust code with Google-developed Honggfuzz !
RedTeamPentesting/monsoon
Fast HTTP enumerator
c0dejump/HawkScan
Security Tool for Reconnaissance and Information Gathering on a website. (python 3.x)
anmolksachan/TheTimeMachine
Weaponizing WaybackUrls for Recon, BugBounties , OSINT, Sensitive Endpoints and what not
KissPeter/APIFuzzer
Fuzz test your application using your OpenAPI or Swagger API definition without coding
loiclec/fuzzcheck-rs
Modular, structure-aware, and feedback-driven fuzzing engine for Rust functions
Brum3ns/firefly
Black box fuzzer for web applications
uds-se/FormatFuzzer
FormatFuzzer is a framework for high-efficiency, high-quality generation and parsing of binary inputs.
gokulapap/Reconator
Automated Recon for Pentesting & Bug Bounty
Metalnem/sharpfuzz
AFL-based fuzz testing for .NET
rc0r/afl-utils
Utilities for automated crash sample processing/analysis, easy afl-fuzz job management and corpus optimization