Stack Overflow
Stack Overflow

Questions tagged [fuzzer]

A fuzzer is a tool used to provide invalid and unexpected data to the inputs of a program in order to obtain crashes, memory leaks or invalid program states.

A fuzzer is a tool used to provide invalid and unexpected data to the inputs of a program in order to obtain crashes, memory leaks or invalid program states.

37 questions
7
votes
2 answers

Network or Transport Layer Fuzzing

How do I go about executing a fuzzing strategy to stress a network stack, specifically at the third and fourth layers (network and transport)? I've looked at frameworks to generate fuzzers, like SPIKE, but it seems to me that they are mostly focused…
Santa
  • 71
  • 1
  • 2
4
votes
1 answer

Fuzzing shared libraries using libfuzzer

The fuzzing process using libfuzzer continues indefinitely until a bug is found. Is there a flag or an option in libfuzzer to mutate and continue fuzzing even after discovering a bug ?
Arya M Sankar
  • 66
  • 5
4
votes
1 answer

Open source fuzz tool for fuzzing HTTP POST requests

I am looking for an open source fuzz tool for fuzzing HTTP POST requests. Any ideas?
Gjorgji
  • 22,458
  • 10
  • 31
  • 39
4
votes
5 answers

Python help understanding sample code

I've been trying to learn python recently, and ran across something that I'm having a hard time understanding exactly how it works. Primarily, it is the design of a list. The list in question is from this security article talking about a simple…
C Smith
  • 778
  • 2
  • 14
  • 31
3
votes
4 answers

What good open source programs exist for fuzzing popular image file types?

I am looking for a free, open source, portable fuzzing tool for popular image file types that is written in either Java, Python, or Jython. Ideally, it would accept specifications for the fuzzable fields using some kind of declarative constraints. …
JohnnySoftware
  • 2,053
  • 16
  • 15
3
votes
1 answer

software fuzzer

I would like to make a software fuzzer. What I want to do is open a program and the fuzzer should find all the functions on the application that take input and then try to write a string that I provide the fuzzer with at the beginning. The fuzzer…
I.el-sayed
  • 325
  • 1
  • 5
  • 18
2
votes
1 answer

wapiti crashes my ASP.NET project. Why? How do i fix it?

Heres one scan of Wapiti. I notice when i had images uploaded (users can upload) i get a crash before Launching module crlf. So just using a fresh instance of my site i ran this and got the result below. My questions are 1. How do i fix the…
user34537
2
votes
1 answer

Best option to fuzz a C Network Program

I have a client/server simple program in C. I want to test the server running on different machine with random inputs. I have looked at 'Bunny-the-fuzzer' but from what I can understand It wont be much help when the target program/application is on…
user2061944
  • 319
  • 1
  • 3
  • 11
1
vote
1 answer

Microsoft REST-ler fuzzer - unable to use Proxy and Authentication token when doing fuzzy testing

Trying to fuzz test my node.js project with Microsoft's REST-ler fuzzer by pointing to a swagger json. I am trying to use https://github.com/microsoft/restler-fuzzer and running into issues with proxy. Getting outside our proxy allows me to start…
Vijay
  • 595
  • 1
  • 13
  • 27
1
vote
2 answers

OWASP ZAP fuzzer header and body

I'm learning how use OWASP ZAP and I'd like to know how fuzzer at the same time the header and the body in a request using the same payload script. I am trying to do this lab for…
Tdlob31
  • 13
  • 5
1
vote
1 answer

How to compile libav for AFLGo

I need to compile libav library with AFLGO. cd ~ export AFLGO=$PWD/aflgo cd path/to/libav/folder export SUBJECT=$PWD; export TMP_DIR=$PWD/obj-aflgo/temp export CC=$AFLGO/afl-clang-fast export CXX=$AFLGO/afl-clang-fast++ export…
mebee
  • 13
  • 3
1
vote
2 answers

How to create an augmented AFL fuzzer which skips certain seeds?

I am a master's student working on replicating the results of the paper : https://www.microsoft.com/en-us/research/publication/not-all-bytes-are-equal-neural-byte-sieve-for-fuzzing/ I want to create an augmented fuzzer which rejects the…
Vineeth Bharadwaj
  • 43
  • 1
  • 5
1
vote
0 answers

output of generated tests peach fuzzer to the executable file

Peach Fuzzer. I need to pass the generated tests to the executable file as an argument. This can be configured in the xml file that is called the "peach pit". For example, here is a test record in text files
Petr
  • 11
  • 2
1
vote
2 answers

Compile a command line script for iOS

I coded an iOKit fuzzer for iOS. Here is the code: #include #include #include #include #include #include int main() { io_service_t service =…
Hayden
  • 11
  • 1
1
vote
0 answers

Python. HTTP fuzzer don't wait for response

I have currently have a code that uses multi-threading and urllib2 to fuzz a web server (GET and POST) but the problem is that every thread keep waiting for the response of the request. import urllib,urllib2 from threading import Thread def…
user1618465
  • 1,813
  • 2
  • 32
  • 58
1
2 3