scout - 🔭 Lightweight URL fuzzer and spider: Discover a web server's undisclosed files, directories and VHOSTs

  •        1157

Scout is a URL fuzzer and spider for discovering undisclosed VHOSTS, files and directories on a web server. Filename to seek in the directory being searched. Useful when all directories report 404 status.

https://github.com/liamg/scout

Tags
Implementation
License
Platform

   




Related Projects

syzkaller - syzkaller is an unsupervised, coverage-guided Linux system call fuzzer

  •    Go

syzkaller is an unsupervised coverage-guided Linux kernel fuzzer.The project mailing list is syzkaller@googlegroups.com. You can subscribe to it with a google account or by sending an email to syzkaller+subscribe@googlegroups.com.

honggfuzz - Security oriented fuzzer with powerful analysis options

  •    C

A security oriented, feedback-driven, evolutionary, easy-to-use fuzzer with interesting analysis options. See USAGE for more data on the usage.The examples directory contains code demonstrating (among others) how to use honggfuzz to find bugs in the OpenSSL library and in the Apache web server.

nuf-fuzzer

  •    C

nuf-fuzzer is a powerfull browser fuzzer based on mangleme fuzzer concept. It will be possible to fuzz html tags, css tags javascript functions and DOM objects.

kAFL - A fuzzer for full VM kernel/driver targets

  •    Python

This is a fork of the kAFL kernel fuzzer. It can be used for targets that execute efficiently as Qemu/KVM guests, including BIOS, custom kernels and full-blown Linux VMs. kAFL uses Qemu/KVM and Intel PT to provide fast execution and coverage feedback. This allows to run many x86 FW and OS kernels with any desired toolchain and without major modifications.


KernelFuzzer - Cross Platform Kernel Fuzzer Framework

  •    C

This is the core Kernel Fuzzer, with example library calls and Syscalls to start fuzzing Windows. The fuzzer has been tested on Windows 7 / 10, OS X and QNX. Compile binary for your system using the included .bat scripts for the correct architecture (Windows only!). Tested using Visual Studio 2013 - if you use a different version of VS, edit the script to point at your copy of 'vcvarsall.bat'.

Wapiti - Web application vulnerability scanner / security auditor

  •    Python

Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the application but will scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable. It is able to differentiate ponctual and permanent XSS vulnerabilities.

PowerFuzzer

  •    Python

Powerfuzzer is a highly automated web fuzzer based on many other Open Source fuzzers available (incl. cfuzzer, fuzzled, fuzzer.pl, jbrofuzz, webscarab, wapiti, Socket Fuzzer). It can detect XSS, Injections (SQL, LDAP, commands, code, XPATH) and other

Simple Fuzzer

  •    C

Simple Fuzzer is a simple fuzzing framework which allows rapid development of protocol fuzzers for blackbox testing. It can fuzz across networks using TCP/UDP, IP4/IP6, and can be extended via plugins to perform in-depth fuzzing.

radamsa - a general-purpose fuzzer

  •    Scheme

Radamsa is a test case generator for robustness testing, a.k.a. a fuzzer. It is typically used to test how well a program can withstand malformed and potentially malicious inputs. It works by reading sample files of valid data and generating interestringly different outputs from them. The main selling points of radamsa are that it has already found a slew of bugs in programs that actually matter, it is easily scriptable and easy to get up and running. Programming is hard. All nontrivial programs have bugs in them. What's more, even the simplest typical mistakes are in some of the most widely used programming languages usually enough for attackers to gain undesired powers.

trinity - Linux system call fuzzer

  •    C

Linux system call fuzzer

choronzon - An evolutionary knowledge-based fuzzer

  •    Python

This document aims to explain in brief the theory behind Choronzon. Moreover, it provides details about its internals and how one can extend Choronzon to meet new requirements. An overview of the architecture of Choronzon was initially presented at the ZeroNights 2015 Conference. A recording of the presentation and the slide deck are also available. Choronzon is an evolutionary fuzzer. It tries to imitate the evolutionary process in order to keep producing better results. To achieve this, it has an evaluation system to classify which of the fuzzed files are interesting and which should be dropped.

BlackWidow - A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website

  •    Python

BlackWidow is a python based web application spider to gather subdomains, URL's, dynamic parameters, email addresses and phone numbers from a target website. This project also includes Inject-X fuzzer to scan dynamic URL's for common OWASP vulnerabilities. This software is released under the GNU General Public License v3.0. See LICENSE.md for details.

jazzer - Coverage-guided, in-process fuzzing for the JVM

  •    C++

Jazzer is a coverage-guided, in-process fuzzer for the JVM platform developed by Code Intelligence. It is based on libFuzzer and brings many of its instrumentation-powered mutation features to the JVM. The JVM bytecode is executed inside the fuzzer process, which ensures fast execution speeds and allows seamless fuzzing of native libraries.

kernel-fuzzer-for-xen-project - VMI Kernel Fuzzer for Xen Project - VM forking, VMI & AFL integration demo

  •    C

This project is intended to illustrate the harnessing required to fuzz a Linux kernel module using AFL through the Xen VMI API. The tool utilizes Xen VM forks to perform the fuzzing, thus allowing for parallel fuzzing/multiple AFL instances to fuzz at the same time. Coverage guidance for AFL is achieved using Capstone to dynamically disassemble the target code to locate the next control-flow instruction. The instruction is breakpointed and when the breakpoint triggers, MTF is activated to advance the VM ahead, then the processes is repeated again. The tool allows fine-tuning how many control-flow instructions to allow the fuzzing to encounter before terminating. This provides an alternative to timing out the fuzzing process. Hardware requirements: Intel CPU with VT-x and EPT enabled.

fuzzowski - the Network Protocol Fuzzer that we will want to use.

  •    Python

The idea is to be the Network Protocol Fuzzer that we will want to use.

fuzzilli - A JavaScript Engine Fuzzer

  •    Swift

A (coverage-)guided fuzzer for dynamic language interpreters based on a custom intermediate language ("FuzzIL") which can be mutated and translated to JavaScript. Written and maintained by Samuel Groß, saelo@google.com.

Jackalope - Binary, coverage-guided fuzzer for Windows and macOS

  •    C++

Jackalope is a customizable, distributed, coverage-guided fuzzer that is able to work with black-box binaries. Jackalope does not currently include advanced mutation strategies. Instead it ships with a set of generic mutators, which will work for many targets, however the users are encouraged to write custom mutators and mutation strategies according to the targets they want to fuzz.

URL-Detector - A Java library to detect and normalize URLs in text

  •    Java

The url detector is a library created by the Linkedin Security Team to detect and extract urls in a long piece of text.Note: Keep in mind that for security purposes, its better to overdetect urls and check more against blacklists than to not detect a url that was submitted. As such, some things that we detect might not be urls but somewhat look like urls. Also, instead of complying with RFC 3986 (http://www.ietf.org/rfc/rfc3986.txt), we try to detect based on browser behavior, optimizing detection for urls that are visitable through the address bar of Chrome, Firefox, Internet Explorer, and Safari.

Malybuzz

  •    Python

Malybuzz is a multiprotocol and stateful network fuzzer to check the security of applications. Thanks to Malybuzz some new vulnerabilities have been discovered.






We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.