Hackable HTTP proxy to simulate server failure scenarios, resiliency and unexpected network conditions, built for node.js.It was mainly designed for failure resistance testing, when toxy becomes particularly useful in order to cover fault tolerance and resiliency capabilities of a system, especially in disruption-tolerant networks and service-oriented architectures, where toxy may act as MitM proxy among services in order to inject failure.
http-proxy proxy reactive failure simulation network resiliency failover testing retry http toxic fault tolerant resilient fuzz evil unexpected backoff latency jitter distributed soaGo-fuzz is a coverage-guided fuzzing solution for testing of Go packages. Fuzzing is mainly applicable to packages that parse complex inputs (both text and binary), and is especially useful for hardening of systems that parse inputs from potentially malicious users (e.g. anything accepted over a network).Data is a random input generated by go-fuzz, note that in most cases it is invalid. The function must return 1 if the fuzzer should increase priority of the given input during subsequent fuzzing (for example, the input is lexically correct and was parsed successfully); -1 if the input must not be added to corpus even if gives new coverage; and 0 otherwise; other values are reserved for future use.
fuzz-testing fuzz testing randomized-dataA collection of Burpsuite Intruder payloads and fuzz lists and pentesting methodology. To pull down all 3rd party repos, run install.sh in the same directory of the IntruderPayloads folder. This software is free to distribute, modify and use with the condition that credit is provided to the creator (1N3@CrowdShield) and is not for commercial use.
burpsuite intruder payloads fuzz-lists fuzzing fuzzMonkey Fuzz stress tests an applications User Interface. It pretends to be a "monkey" on the keyboard, sending random button press and mouse events to a program. It is developed in C#
fuzz fuzz-testing gui-testing mouse-jiggler pinvoke testingPHP Vulnerability Hunter is an whitebox fuzz testing tool capable of detected several classes of vulnerabilities in PHP web applications.
arbitrary-upload command-injection fuzz fuzzing hacking injection lfiA fast HTTP enumerator that allows you to execute a large number of HTTP requests, filter the responses and display them in real-time. Common usage of monsoon is also covered in our blog article "Introducing monsoon - a lean and versatile HTTP enumerator".
fast http security enumerator fuzzer fuzzTavor (Sindarin for woodpecker) is a framework for easily implementing and using fuzzing and delta-debugging. Its EBNF-like notation allows you to define file formats, protocols, and other structured data without the need to write source code. Tavor relaxes on the definitions of fuzzing and delta-debugging to enable the usage of its algorithms universally for keyword-driven testing, model-based testing, simulating user-behavior and genetic programming. Tavor is also well-suited for researching new methods without reimplementing basic algorithms.We want to test a service which processes an XML structure. The structure can contain groups and items. A group contains other groups or items. An Item consists of an attribute name with an alphanumeric value. The item's value contains a number. This structure sounds simple but allows an enormous variety of possible outcomes. It is therefore hard to test since a tester has to think about every important possibility if the generation of the test data is done manually. Doing this manually is cumbersome and error-prone. Tavor can be used to automate the generation.
fuzz-testing fuzz testing randomized-dataProperty-based testing for JavaScript via ClojureScript's test.check. test.check is a Clojure property-based testing tool inspired by QuickCheck. The core idea of test.check is that instead of enumerating expected input and output for unit tests, you write properties about your function that should hold true for all inputs. This lets you write concise, powerful tests.
test testing property-based property quickcheck stochastic fuzz fuzzer proper triq stoch afl checkersThe code is under GPLv2 unless specified otherwise in the single files.
apk android javafuzz-android instrument fuzzing fuzzA small, extensible Kotlin library to randomly mutate JSON & XML documents, text and binary data. Useful for fuzz testing. See an interactive demonstration.
fuzz testingjs-fuzz is an American Fuzzy Lop-inspired fuzz tester for JavaScript code. It provides coverage-driven analysis and minimization while being fast and extraordinarily simple to use. In the above example, we asked to increase the priority of strings that can be parsed as plain JSON, since we want more of that sort of thing in order to test against JSON5. You can also return Promises from the fuzz function, or take a callback.
afl american fuzzy lop fuzzer tester fuzzcautious-pancake aims to make fuzzing golang packages easier by identifying pure functions. These functions can be easily fuzzed since they only operate on their direct inputs and do not modify global state. The -filter=impure flag will return all functions deemed impure, including the reason for the determination and the -all flag will display information on private functions as well.
golang-tools fuzz code-generatorThe above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
fuzzer radamsa security fuzzing fuzz toolHonggfuzz is a security oriented fuzzer with powerful analysis options. Supports evolutionary, feedback-driven fuzzing based on code coverage (software- and hardware-based).
fuzz fuzzer honggfuzz fuzzing fuzz-testing security security-tools security-testing crates rust-fuzz sanitizerFull setup for fuzzing ImageMagick. Currently (2016-02-07) covers over 30% of the codebase. ImageMagick creates temporary files while running. If ImageMagick crashes, the temporary files are not cleaned up. To prevent the fuzzing machine's hard disk from filling up, you can create a cron job to run rm /tmp/magick-* every hour. For more discussion about this issue, see this bug report.
imagemagick afl fuzz fuzzingfuzzyjs is a fuzzy search algorithm in javascript. fuzzyjs is licensed under MIT License.
fuzzy searching algorithm fuzzFuzz testing JavaScript parsers and suchlike programs. Inspired by esfuzz. Powered by shift-fuzzer and shift-codegen.
babylon parse escodegen acorn shift-codegen esprima fuzz-testing espree ecmascript shift-parser es js random fuzz fuzzer esfuzz shift-fuzzerPackage fuzzing enables easy fuzzing with go-fuzz. The Fuzz object provides functions for generating consistent Go primitive values from a given fuzzed bytes slice. The generated values are promised to be consistent from identical slices. They are also correlated to the given fuzzed slice to enable fuzzing exploration.
testing fuzzing fuzz go-fuzz dvyukov
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.