Python Fuzzing

Open-source Python projects categorized as Fuzzing | Edit details

Top 14 Python Fuzzing Projects

  • GitHub repo dirsearch

    Web path scanner

    Project mention: Release dirsearch v0.4.2 - Web Path Scanner | reddit.com/r/netsec | 2021-09-12
  • GitHub repo hypothesis

    Hypothesis is a powerful, flexible, and easy to use library for property-based testing.

    Project mention: Internship in software testing - is it worth it? | reddit.com/r/cscareerquestionsEU | 2021-12-06

    My internship and current job revolved automated testing and it's super interesting, although I've been in the very unique position to utilise property-based techniques. I defo wouldn't look down on automated testing roles, but would say you should be cautious about manual.

  • Nanos

    Run Linux Software Faster and Safer than Linux with Unikernels.

  • GitHub repo dnstwist

    Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

    Project mention: Awesome Penetration Testing | dev.to | 2021-10-06

    dnstwist - Domain name permutation engine for detecting typo squatting, phishing and corporate espionage.

  • GitHub repo Raccoon

    A high performance offensive security tool for reconnaissance and vulnerability scanning (by evyatarmeged)

    Project mention: Automatic target scanning | reddit.com/r/hacking | 2021-11-28

    There are also dir scanners like Raccoon, https://github.com/evyatarmeged/Raccoon

  • GitHub repo boofuzz

    A fork and successor of the Sulley Fuzzing Framework

    Project mention: Microsoft Teams, Exchange Server, Windows 10 Hacked in Pwn2Own 2021 | reddit.com/r/sysadmin | 2021-04-07

    The one thing that's not really fully encapsulated in a lot of these comment chains below is the role of custom written fuzzers for competitions like this. Frameworks like AFL, BooFuzz, etc. A properly written test file will allow for most of the hunting to happen automagically by tampering with function calls or inputs until something crashes. By configuring an environment appropriately, you can run millions of test cases, and get the crashes logged to parse through later. This allows the researchers/exploit writers to only focus on the exceptions/traces that seem the most fruitful. This is one methodology, it's not the case for everyone, but most codebases are too big to go through the ASM by hand these days.

  • GitHub repo CrossHair

    An analysis tool for Python that blurs the line between testing and type systems.

    Project mention: Klara: Python automatic test generations and static analysis library | reddit.com/r/Python | 2021-09-13

    The main difference that Klara bring to the table, compared to similar tool like pynguin and Crosshair is that the analysis is entirely static, meaning that no user code will be executed, and you can easily extend the test generation strategy via plugin loading (e.g. the options arg to the Component object returned from function above is not needed for test coverage).

  • GitHub repo deepstate

    A unit test-like interface for fuzzing and symbolic execution

    Project mention: Go: Fuzzing Is Beta Ready | news.ycombinator.com | 2021-06-04

    DeepState [1] is a tool that lets you write Google Test-style unit tests, as well as property tests, in either C or C++, and plug in fuzzers and symbolic executors. That is, DeepState bridges this gap between fuzz testing and property testing.

    [1] https://github.com/trailofbits/deepstate

  • Scout APM

    Scout APM: A developer's best friend. Try free for 14-days. Scout APM uses tracing logic that ties bottlenecks to source code so you know the exact line of code causing performance issues and can get back to building a great product faster.

  • GitHub repo netzob

    Netzob: Protocol Reverse Engineering, Modeling and Fuzzing

    Project mention: Awesome Penetration Testing | dev.to | 2021-10-06

    Netzob - Reverse engineering, traffic generation and fuzzing of communication protocols.

  • GitHub repo FormatFuzzer

    FormatFuzzer is a framework for high-efficiency, high-quality generation and parsing of binary inputs.

    Project mention: FormatFuzzer: A framework for efficient and quality generation of binary inputs | news.ycombinator.com | 2021-10-31
  • GitHub repo FDsploit

    File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

    Project mention: chrispetrou/FDsploit - File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool. | reddit.com/r/GithubSecurityTools | 2021-08-11
  • GitHub repo grammarinator

    ANTLR v4 grammar-based test generator

    Project mention: GitHub - renatahodovan/grammarinator: ANTLR v4 grammar-based test generator | reddit.com/r/fuzzing | 2021-09-22
  • GitHub repo SourceWolf

    Amazingly fast response crawler to find juicy stuff in the source code! 😎🔥

    Project mention: Spidering tools /Param Mining | reddit.com/r/bugbounty | 2021-07-19

    Here

  • GitHub repo linux-russian-roulette

    Like Russian roulette, but for your kernel.

    Project mention: SyzScope is a research project that aims to reveal high-risk security bugs found by Syzbot | reddit.com/r/fuzzing | 2021-11-11

    It's time to plug my research lol https://github.com/thebabush/linux-russian-roulette

  • GitHub repo Blinder

    Blinder is a tool that will help you simplify the exploitation of blind SQL injection

    Project mention: Blinder: Herramienta para simplificar la explotación de Blind SQL Injection 🏹 | reddit.com/r/u_esgeeks | 2021-12-04
NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2021-12-06.

Python Fuzzing related posts

Index

What are some of the best open-source Fuzzing projects in Python? This list will help you:

Project Stars
1 dirsearch 7,195
2 hypothesis 5,525
3 dnstwist 3,111
4 Raccoon 2,300
5 boofuzz 1,397
6 CrossHair 704
7 deepstate 668
8 netzob 621
9 FormatFuzzer 256
10 FDsploit 228
11 grammarinator 204
12 SourceWolf 107
13 linux-russian-roulette 9
14 Blinder 9
Find remote jobs at our new job board 99remotejobs.com. There are 32 new remote jobs listed recently.
Are you hiring? Post a new remote job listing for free.
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com