Trending repositories for topic fuzzing
A collection of various awesome lists for hackers, pentesters and security researchers
Foundry is a blazing fast, portable and modular toolkit for Ethereum application development written in Rust.
The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
Hypothesis is a powerful, flexible, and easy to use library for property-based testing.
Community curated list of nuclei templates for finding "unknown" security vulnerabilities.
VirtFuzz is a Linux Kernel Fuzzer that uses VirtIO to provide inputs into the kernel's subsystem. It is built with LibAFL.
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
A step-by-step fuzzing tutorial. A GitHub Security Lab initiative
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
Property based testing framework for JavaScript (like QuickCheck) written in TypeScript
Community curated list of nuclei templates for finding "unknown" security vulnerabilities.
VirtFuzz is a Linux Kernel Fuzzer that uses VirtIO to provide inputs into the kernel's subsystem. It is built with LibAFL.
AutoCorpus is a tool backed by a large language model (LLM) for automatically generating corpus files for fuzzing.
XNU Image Fuzzer - iOS App for Fuzzing Images with Objective-C Code covering 12 CGCreateBitmap & CGColorSpace Functions working with Raw Data and String Injection.
A coverage-guided fuzzer for pure Ruby code and Ruby C extensions
Coverage-guided, in-process fuzzing for the JVM
Coverage-guided, in-process fuzzing for Node.js
Randomly mutate JSON, XML, HTML forms, text and binary data for fuzz testing
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
American Fuzzy Lop fork server and instrumentation for pure-Python code
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
A collection of various awesome lists for hackers, pentesters and security researchers
Foundry is a blazing fast, portable and modular toolkit for Ethereum application development written in Rust.
wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows and Linux user-mode...
The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and find vulnerabilities
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
A step-by-step fuzzing tutorial. A GitHub Security Lab initiative
VirtFuzz is a Linux Kernel Fuzzer that uses VirtIO to provide inputs into the kernel's subsystem. It is built with LibAFL.
Hypothesis is a powerful, flexible, and easy to use library for property-based testing.
Property based testing framework for JavaScript (like QuickCheck) written in TypeScript
Community curated list of nuclei templates for finding "unknown" security vulnerabilities.
VirtFuzz is a Linux Kernel Fuzzer that uses VirtIO to provide inputs into the kernel's subsystem. It is built with LibAFL.
XNU Image Fuzzer - iOS App for Fuzzing Images with Objective-C Code covering 12 CGCreateBitmap & CGColorSpace Functions working with Raw Data and String Injection.
AutoCorpus is a tool backed by a large language model (LLM) for automatically generating corpus files for fuzzing.
BLint is a Binary Linter to check the security properties and capabilities in your executables. Since v2, blint is also an SBOM generator for binaries.
wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows and Linux user-mode...
A fun script to steal Ether from wallets suffering from insufficient entropy during key generation.
A coverage-guided fuzzer for pure Ruby code and Ruby C extensions
📚 An ultimate collection of wordlists for the best-known CMS
Coverage-guided, in-process fuzzing for Node.js
Fuzz Introspector -- introspect, extend and optimise fuzzers
A collection of various awesome lists for hackers, pentesters and security researchers
BLint is a Binary Linter to check the security properties and capabilities in your executables. Since v2, blint is also an SBOM generator for binaries.
Foundry is a blazing fast, portable and modular toolkit for Ethereum application development written in Rust.
The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
VirtFuzz is a Linux Kernel Fuzzer that uses VirtIO to provide inputs into the kernel's subsystem. It is built with LibAFL.
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and find vulnerabilities
A curated list of fuzzing resources (Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on) for learning Fuzzing and initial phases of Exploit Developme...
Hypothesis is a powerful, flexible, and easy to use library for property-based testing.
wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows and Linux user-mode...
Property based testing framework for JavaScript (like QuickCheck) written in TypeScript
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
BLint is a Binary Linter to check the security properties and capabilities in your executables. Since v2, blint is also an SBOM generator for binaries.
AutoCorpus is a tool backed by a large language model (LLM) for automatically generating corpus files for fuzzing.
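[VscanPlus internal and external network vulnerability scanning tool] Updated with detection POCs for popular HW vulnerabilities. A version developed on top of veo's vulnerability scanner vscan, with port scanning, fingerprint detection, directory fuzzing and vulnerability scanning, for fast batch detection of website security risks. An open-source, cross-platform website vulnerability scanning tool that helps you quickly detect web...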
Scaling best-practice AFLPlusPlus fuzzing campaigns made easy
Rust-based framework to Fuzz and Integration test Solana programs to help you ship secure code.
XNU Image Fuzzer - iOS App for Fuzzing Images with Objective-C Code covering 12 CGCreateBitmap & CGColorSpace Functions working with Raw Data and String Injection.
This tool uses fuzzing to try to bypass unknown authentication methods, who knows...
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
A coverage-guided fuzzer for pure Ruby code and Ruby C extensions
A fun script to steal Ether from wallets suffering from insufficient entropy during key generation.
Hopper is a tool for generating fuzzing test cases for libraries automatically using interpretative fuzzing.
A curated list of awesome directed fuzzing research papers
Auto-gen Go fuzzing wrappers from normal code. Finds buggy call sequences, including data races & deadlocks. Supports rich signature types.
A snapshotting, coverage-guided fuzzer for software (UEFI, Kernel, firmware, BIOS) built on SIMICS
Hopper is a tool for generating fuzzing test cases for libraries automatically using interpretative fuzzing.
A structure-aware grey box fuzzer based on modeling the input processing logic.
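[VscanPlus internal and external network vulnerability scanning tool] Updated with detection POCs for popular HW vulnerabilities. A version developed on top of veo's vulnerability scanner vscan, with port scanning, fingerprint detection, directory fuzzing and vulnerability scanning, for fast batch detection of website security risks. An open-source, cross-platform website vulnerability scanning tool that helps you quickly detect web...
A daily murder mystery to solve in less than 5 minutes!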
A collection of tools for security research on Starlink's User Terminal
A comparison of solidity fuzzing tools Foundry, Echidna & Medusa
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
VirtFuzz is a Linux Kernel Fuzzer that uses VirtIO to provide inputs into the kernel's subsystem. It is built with LibAFL.
Blogpost about optimizing binary-only fuzzing with AFL++
Scaling best-practice AFLPlusPlus fuzzing campaigns made easy
A collection of various awesome lists for hackers, pentesters and security researchers
Foundry is a blazing fast, portable and modular toolkit for Ethereum application development written in Rust.
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and find vulnerabilities
The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
Hypothesis is a powerful, flexible, and easy to use library for property-based testing.
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
Packer Fuzzer is a fast and efficient scanner for security detection of websites built with JavaScript module bundlers such as Webpack.
A curated list of fuzzing resources (Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on) for learning Fuzzing and initial phases of Exploit Developme...
Property based testing framework for JavaScript (like QuickCheck) written in TypeScript
Advanced Fuzzing Library - Slot your Fuzzer together in Rust! Scales across cores and machines. For Windows, Android, MacOS, Linux, no_std, ...
BLint is a Binary Linter to check the security properties and capabilities in your executables. Since v2, blint is also an SBOM generator for binaries.
A snapshotting, coverage-guided fuzzer for software (UEFI, Kernel, firmware, BIOS) built on SIMICS
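A lightweight directory scanner that integrates the dictionaries of several long-established tools, including the Yujian admin-panel scanning dictionary, test404 website backup, the web Shellshock scanner, the Yujian 1.5 scanning dictionary, the Yujian Professional dictionary, the wwwscan dictionary, the dirscan dictionary, the dirsafe dictionary, swebscan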
Hopper is a tool for generating fuzzing test cases for libraries automatically using interpretative fuzzing.
ICSE'23 - CoFuzz: Coordinated hybrid fuzzing framework with advanced coordination mode
A comparison of solidity fuzzing tools Foundry, Echidna & Medusa
PWN is an open security automation framework that aims to stand on the shoulders of security giants, promoting trust and innovation.