fuzzing

A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.

awesome fuzzing awesome-list fuzzing-framework secfigo

Updated Jul 29, 2020

google / syzkaller

Star

syzkaller is an unsupervised coverage-guided kernel fuzzer

testing linux security kernel fuzzing fuzz-testing security-vulnerability fuzzer security-tools

Updated Aug 12, 2020
Go

elceef / dnstwist

Star

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

dns osint scanner phishing domains fuzzing threat-hunting typosquatting threat-intelligence homograph-attack idn

Updated Jul 7, 2020
Python

TheKingOfDuck / fuzzDicts

Star

Web Pentesting Fuzz 字典,一个就够了。

directory password fuzzing fuzz-testing pentesting username fuzzer wfuzz paramter

Updated May 9, 2020
Python

1N3 / IntruderPayloads

Star

A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

attack injection fuzzing sql-injection bugbounty payloads fuzz burpsuite intruder fuzz-lists burpsuite-engagement burpsuite-intruder

Updated Jun 10, 2020
BitBake

google / honggfuzz

Star

Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)

c security fuzzing

Updated Aug 10, 2020
C

evyatarmeged / Raccoon

Star

A high performance offensive security tool for reconnaissance and vulnerability scanning

osint scanner hacking enumeration fuzzing pentesting offensive-security hacking-tool security-scanner vulnerability-assessment information-gathering reconnaissance pentest-tool vulnerability-scanner raccoon

Updated Mar 5, 2020
Python

googleprojectzero / winafl

Star

A fork of AFL for fuzzing Windows binaries

security fuzzing afl

Updated Aug 10, 2020
C

dubzzz / fast-check

Star

Property based testing framework for JavaScript (like QuickCheck) written in TypeScript

testing unit-testing typescript tdd quickcheck property-based-testing fuzzing generative-testing

Updated Aug 12, 2020
TypeScript

googleprojectzero / domato

Star

DOM fuzzer

security dom fuzzing

Updated Dec 9, 2019
Python

0xSobky / HackVault

Star

A container repository for my public web hacks!

tracking exploit regex xss fuzzing web-security pentesting payloads reconnaissance web-hacks

Updated Sep 7, 2018
JavaScript

asatarin / testing-distributed-systems

Star

Curated list of resources on testing distributed systems

testing distributed-systems fuzzing fault-injection jepsen jepsen-tests

Updated Jul 30, 2020
HTML

jtpereyda / boofuzz

Star

A fork and successor of the Sulley Fuzzing Framework

python security fuzzing

Updated Aug 10, 2020
Python

cn0xroot / RFSec-ToolKit

Star

RFSec-ToolKit is a collection of Radio Frequency Communication Protocol Hacktools.无线通信协议相关的工具集，可借助SDR硬件+相关工具对无线通信进行研究。Collect with ♥ by HackSmith

radio iot communication hardware fuzzing wireless sdr hackrf gnuradio usrp bladerf limesdr

Updated Jan 14, 2020

rust-fuzz / afl.rs

Star

🐇 Fuzzing Rust code with American Fuzzy Lop

rust fuzzing fuzz-testing afl

Updated Jun 14, 2020
Rust

AFLplusplus / AFLplusplus

Star

afl++ is afl with community patches, AFLfast power schedules, qemu 3.1 upgrade + laf-intel support, MOpt mutators, InsTrim instrumentation, unicorn_mode, Redqueen and a lot more!

instrumentation qemu fuzzing fuzz-testing afl afl-fuzz fuzzer unicorn-emulator afl-fuzzer