Python Fuzzing

Open-source Python projects categorized as Fuzzing | Edit details

Top 14 Python Fuzzing Projects

  • GitHub repo dirsearch

    Web path scanner

    Project mention: Release dirsearch v0.4.2 - Web Path Scanner | reddit.com/r/netsec | 2021-09-12
  • GitHub repo hypothesis

    Hypothesis is a powerful, flexible, and easy to use library for property-based testing.

    Project mention: Internship in software testing - is it worth it? | reddit.com/r/cscareerquestionsEU | 2021-12-06

    My internship and current job revolved automated testing and it's super interesting, although I've been in the very unique position to utilise property-based techniques. I defo wouldn't look down on automated testing roles, but would say you should be cautious about manual.

  • SonarQube

    Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.

  • GitHub repo dnstwist

    Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

    Project mention: Awesome Penetration Testing | dev.to | 2021-10-06

    dnstwist - Domain name permutation engine for detecting typo squatting, phishing and corporate espionage.

  • GitHub repo Raccoon

    A high performance offensive security tool for reconnaissance and vulnerability scanning (by evyatarmeged)

    Project mention: Automatic target scanning | reddit.com/r/hacking | 2021-11-28

    There are also dir scanners like Raccoon, https://github.com/evyatarmeged/Raccoon

  • GitHub repo boofuzz

    A fork and successor of the Sulley Fuzzing Framework

    Project mention: Microsoft Teams, Exchange Server, Windows 10 Hacked in Pwn2Own 2021 | reddit.com/r/sysadmin | 2021-04-07

    The one thing that's not really fully encapsulated in a lot of these comment chains below is the role of custom written fuzzers for competitions like this. Frameworks like AFL, BooFuzz, etc. A properly written test file will allow for most of the hunting to happen automagically by tampering with function calls or inputs until something crashes. By configuring an environment appropriately, you can run millions of test cases, and get the crashes logged to parse through later. This allows the researchers/exploit writers to only focus on the exceptions/traces that seem the most fruitful. This is one methodology, it's not the case for everyone, but most codebases are too big to go through the ASM by hand these days.

  • GitHub repo CrossHair

    An analysis tool for Python that blurs the line between testing and type systems.

    Project mention: Klara: Python automatic test generations and static analysis library | reddit.com/r/Python | 2021-09-13

    The main difference that Klara bring to the table, compared to similar tool like pynguin and Crosshair is that the analysis is entirely static, meaning that no user code will be executed, and you can easily extend the test generation strategy via plugin loading (e.g. the options arg to the Component object returned from function above is not needed for test coverage).

  • GitHub repo deepstate

    A unit test-like interface for fuzzing and symbolic execution

    Project mention: Go: Fuzzing Is Beta Ready | news.ycombinator.com | 2021-06-04

    DeepState [1] is a tool that lets you write Google Test-style unit tests, as well as property tests, in either C or C++, and plug in fuzzers and symbolic executors. That is, DeepState bridges this gap between fuzz testing and property testing.

    [1] https://github.com/trailofbits/deepstate

  • Scout APM

    Less time debugging, more time building. Scout APM allows you to find and fix performance issues with no hassle. Now with error monitoring and external services monitoring, Scout is a developer's best friend when it comes to application development.

  • GitHub repo netzob

    Netzob: Protocol Reverse Engineering, Modeling and Fuzzing

    Project mention: Awesome Penetration Testing | dev.to | 2021-10-06

    Netzob - Reverse engineering, traffic generation and fuzzing of communication protocols.

  • GitHub repo FormatFuzzer

    FormatFuzzer is a framework for high-efficiency, high-quality generation and parsing of binary inputs.

    Project mention: FormatFuzzer: A framework for efficient and quality generation of binary inputs | news.ycombinator.com | 2021-10-31
  • GitHub repo FDsploit

    File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

    Project mention: chrispetrou/FDsploit - File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool. | reddit.com/r/GithubSecurityTools | 2021-08-11
  • GitHub repo grammarinator

    ANTLR v4 grammar-based test generator

    Project mention: GitHub - renatahodovan/grammarinator: ANTLR v4 grammar-based test generator | reddit.com/r/fuzzing | 2021-09-22
  • GitHub repo SourceWolf

    Amazingly fast response crawler to find juicy stuff in the source code! 😎🔥

    Project mention: Spidering tools /Param Mining | reddit.com/r/bugbounty | 2021-07-19

    Here

  • GitHub repo Blinder

    Blinder is a tool that will help you simplify the exploitation of blind SQL injection

    Project mention: Blinder: Herramienta para simplificar la explotación de Blind SQL Injection 🏹 | reddit.com/r/u_esgeeks | 2021-12-04
  • GitHub repo linux-russian-roulette

    Like Russian roulette, but for your kernel.

    Project mention: SyzScope is a research project that aims to reveal high-risk security bugs found by Syzbot | reddit.com/r/fuzzing | 2021-11-11

    It's time to plug my research lol https://github.com/thebabush/linux-russian-roulette

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2021-12-06.

Python Fuzzing related posts

Index

What are some of the best open-source Fuzzing projects in Python? This list will help you:

Project Stars
1 dirsearch 7,400
2 hypothesis 5,618
3 dnstwist 3,159
4 Raccoon 2,356
5 boofuzz 1,441
6 CrossHair 735
7 deepstate 667
8 netzob 630
9 FormatFuzzer 286
10 FDsploit 230
11 grammarinator 211
12 SourceWolf 107
13 Blinder 10
14 linux-russian-roulette 9
Find remote jobs at our new job board 99remotejobs.com. There are 29 new remote jobs listed recently.
Are you hiring? Post a new remote job listing for free.
OPS - Build and Run Open Source Unikernels
Quickly and easily build and deploy open source unikernels in tens of seconds. Deploy in any language to any cloud.
github.com/nanovms