boofuzz
A fork and successor of the Sulley Fuzzing Framework (by jtpereyda)
Fuzzie
A VSCode GUI-based fuzzer for Rest API and GraphQL (by weixian-zhang)
boofuzz | Fuzzie | |
---|---|---|
1 | 1 | |
1,960 | 5 | |
- | - | |
7.3 | 6.0 | |
10 days ago | about 2 months ago | |
Python | Python | |
GNU General Public License v3.0 only | MIT License |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
boofuzz
Posts with mentions or reviews of boofuzz.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2021-04-07.
-
Microsoft Teams, Exchange Server, Windows 10 Hacked in Pwn2Own 2021
The one thing that's not really fully encapsulated in a lot of these comment chains below is the role of custom written fuzzers for competitions like this. Frameworks like AFL, BooFuzz, etc. A properly written test file will allow for most of the hunting to happen automagically by tampering with function calls or inputs until something crashes. By configuring an environment appropriately, you can run millions of test cases, and get the crashes logged to parse through later. This allows the researchers/exploit writers to only focus on the exceptions/traces that seem the most fruitful. This is one methodology, it's not the case for everyone, but most codebases are too big to go through the ASM by hand these days.
Fuzzie
Posts with mentions or reviews of Fuzzie.
We have used some of these posts to build our list of alternatives
and similar projects.
What are some alternatives?
When comparing boofuzz and Fuzzie you can also consider the following projects:
American Fuzzy Lop - american fuzzy lop - a security-oriented fuzzer
FDsploit - File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
libfuzzer - Thin interface for libFuzzer, an in-process, coverage-guided, evolutionary fuzzing engine.
gateCracker
CrossHair - An analysis tool for Python that blurs the line between testing and type systems.
frelatage - Coverage-based fuzzer for python applications
dirsearch - Web path scanner
clusterfuzz - Scalable fuzzing infrastructure.
netzob - Netzob: Protocol Reverse Engineering, Modeling and Fuzzing
hypothesis - Hypothesis is a powerful, flexible, and easy to use library for property-based testing.