Fuzzing

  • wfuzz - Web application fuzzer

  • ffuf - Fast web fuzzer written in Go

  • fuzzdb - Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

  • IntruderPayloads - A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

  • fuzz.txt - Potentially dangerous files

  • fuzzilli - A JavaScript Engine Fuzzer

  • fuzzapi - Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem

  • qsfuzz - qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.

Last updated