@abraidotti
Last active March 25, 2024 19:34
Application Fuzzing Tools

Fuzzing is the act of testing software for vulnerabilities by injecting mutated or iterated data.

This gist mostly lists tools for web app fuzzing, but a couple for binary file fuzzing too.

Context

The general SOP for app fuzzing seems to be: recon, then enumeration, then fuzzing.

Tools

Recon

Nmap - Network Mapper - https://nmap.org/

Fierce - find related domains - https://github.com/mschwager/fierce

Photon - a crawler - https://github.com/s0md3v/Photon

SSLscan - find certificate and cipher info - https://github.com/rbsec/sslscan

WAFW00F - see what Web Application Firewall is in use - https://github.com/EnableSecurity/wafw00f

Nikto - a web server scanner - https://cirt.net/Nikto2

Useful Firefox extensions

Enumeration

GoBuster - a directory finder - https://github.com/OJ/gobuster

SQLmap - SQL enumerator/injector - https://github.com/sqlmapproject/sqlmap

  • You'll need to supply the current session cookie, for example:

  • python sqlmap.py -u "http://127.0.0.1/sqli_1.php?title=" --cookie "PHPSESSID=ca42si4nqir5md1dkj4546db92; security_level=0"

Fuzzing

Web app fuzzers

Wfuzz - The Web Fuzzer - https://github.com/xmendez/wfuzz

Burp Suite - https://portswigger.net/burp

  • Learn Burp and hacking techniques for free at the Academy

ffuf - Fuzz Faster U Fool - https://github.com/ffuf/ffuf

Spike - https://github.com/guilhermeferreira/spikepp

Binary fuzzers

American Fuzzy Lop - https://github.com/google/AFL

Other tools

CeWL - custom word list generator - https://github.com/digininja/CeWL

Crunch - word list generator - https://sourceforge.net/projects/crunch-wordlist/

Daniel Miessler's lists - word lists - https://github.com/danielmiessler/SecLists

FuzzDb - word lists - https://github.com/fuzzdb-project/fuzzdb

Misc

I learned about a lot of this in an OWASP class I took on 08.24-25.2020, Fuzzing: An effective alternative to code review and penetration testing, taught by Alper Basaran.

Contact me

https://www.twitter.com/sandy___beaches
