Fuzzing or fuzz testing is an automated software black box testing technique that evaluates the program's reaction to providing invalid, unexpected, or random data as inputs to a computer program.
A collection of various awesome lists for hackers, pentesters and security researchers
Web path scanner
OSS-Fuzz - continuous fuzzing for open source software.
the champagne of beta embedded databases
Hypothesis is a powerful, flexible, and easy to use library for property-based testing.
You Know, For WEB Fuzzing ! 日站用的字典。
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
syzkaller is an unsupervised coverage-guided kernel fuzzer
A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.
Scalable fuzzing infrastructure.
The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
Property based testing framework for JavaScript (like QuickCheck) written in TypeScript
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
An step by step fuzzing tutorial. A GitHub Security Lab initiative
A high performance offensive security tool for reconnaissance and vulnerability scanning
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
Created by Barton Miller
Released September 1988