Fuzz工具下载地址列表以及特点分析

作者:linshifei

去年的时候整理了下业界的fuzz,做了个梳理,现在准备整理下,共享出来.不然,年纪大了就忘了:)

名称 简介 地址 备注
Sulley http://www.fuzzing.org/wp-content/Sulley%20Fuzzing%20Framework.exe Python的fuzzing框架,包括进程监视、网络监视、虚拟机控制
SPIKE SPIKE is an attempt to write an easy to use generic protocol API that helps reverse engineer new and unknown network protocols. It features several working examples. Includes a web server NTLM Authentication brute forcer and example code that parses web applications and DCE-RPC (MSRPC). http://www.immunitysec.com/resources-freesoftware.shtml 一个C++的接口 fuzz框架,fuzz http server等比较成熟。
Scratch Scratch is an advanced protocol destroyer (”fuzzer”) which can routinely find a wide variety of vulnerabilities from a simple packet. scratch does complex parsing of binary files to determine what to fuzz with what data. scratch also comes with a framework for fuzzing binary protocols such as SSL and SMB. http://packetstormsecurity.org/UNIX/misc/scratch.rar Python的框架,支持2进制fuzz,主要针对formatstring overflow 等模块fuzz。Audits目录下有些测试用例产生的例子(formatstring overflow 等)
LXAPI Library Exploit API – A selection of python methods designed for bugtesting and exploitation of local and remote vulnerabilities. It includes a fuzz testing compenent, miscellaneous shellcode methods and a simple GUI. LxAPI is currently a work-in-progress. http://lxapi.sourceforge.net/ 没有下载到。
antiparse antiparser is a fuzz testing and fault injection API. The purpose of antiparser is to provide an API that can be used to model network protocols and file formats by their composite data types. Once a model has been created, the antiparser has various methods for creating random sets of data that deviates in ways that will ideally trigger software bugs or security vulnerabilities. Requires Python 2.3 or later. http://antiparser.sourceforge.net/ 基于Python的fuzzing框架,主要提供各种各样的数据变异API
Autodafe Autodafe is a fuzzing framework that can be used to identify boundary validation and other issues in protocols and applications. Written by Martin Vuagnoux. http://packetstormsecurity.org/fuzzer/autodafe-0.1.tar.gz 支持sniffer包 自动生成测试数据,基于block,自动计算block的大小,带调试器,能自动监控 危险函数和测试用例间的情况,比较好的一个。
dfuz a remote protocol fuzzer/triggerer which can do many things such as sending random data/random sizes, together with the data you want. it has alot of ways to tell the program to use this data by using rule files which will be later parsed by the program itself, and with several options and ways to make it very specific, and very flexible. It’s not only a remote protocol fuzzer as itself, but it is a scripting-like motor on which you can create any kind of payload. User-friendly.(Unix) http://www.genexx.org/dfuz/ 一个简单易用的fuzz工具
Evolutionary Fuzzing System (EFS) A fuzzer which attempts to dynamically learn a protocol using code coverage and other feedback mechanisms. http://www.vdalabs.com/tools/efs_gpf.html Python,fuzzing框架,包含进程调试
General Purpose Fuzzer (GPF) Written in C, GPF has a number of modes ranging from simple pure random fuzzing to more complex protocol tokenization. http://www.vdalabs.com/tools/efs_gpf.html C,只有通用的协议
Protocol Informatics Slides, whitepaper and code from the last publicly seen snapshot from Marshall Beddoe’s work. http://www.fuzzing.org/wp-content/Protocol%20Informatics.zip 通过统计的等技术自动识别协议,统计部分比较新颖,其他部分一般。
Schemer XML driven generic file and protocol fuzzer. http://www.fuzzware.net/Schemer/Schemer.htm 基于XML定义格式,协议审计感觉比较麻烦,建议file可以采用,结合模板的形式。
SMUDGE Pure Python network protocol fuzzer from [email protected] http://www.fuzzing.org/wp-content/SMUDGE.zip Python,但是不支持UDP
taof Written in Python, a cross-platform GUI driven network protocol fuzzing environment for both UNIX and Windows systems. http://theartoffuzzing.com/ Python,基于代理模式,不支持UDP
Bruteforce Exploit Detector This is a collection of scripts to automatically test

implementations of different protocols for buffer overflows

and / or format string vulnerabilities, by sending a lot of

long strings to a server.

http://www.cobra-basket.de/bed.html Perl,仅支持FTP/SMTP/POP/HTTP/IRC/IMAP/PJL/LPD/FINGER/SOCKS4/SOCKS5
EFuzz Efuzz is an easy to use Win32 tcp/udp protocol fuzzer

which finds unknown buffer overflows in local and remote services.

Uses config files to define the range of malformed requests.

Includes C source, released under GPL.

http://soft.hackbase.com/page/2004-11-11/202714671777 Win32,C,通过配置文件格式进行fuzzing
zzuf transparent application input fuzzer. Its purpose is to find bugs in applications by corrupting their user-contributed data (which more than often comes from untrusted sources on the Internet). It works by intercepting file and network operations and changing random bits in the program’s input. zzuf’s behaviour is deterministic, making it easier to reproduce bugs.(unix) http://sam.zoy.org/zzuf/ File Fuzz 比较强大,建议我们在fuzz file的时候使用。Linux平台。
JBroFuzz a java based stateless network protocol fuzzer for penetration tests. It allows for the identification of certain classes of security bugs, by means of creating malformed data and having the network protocol in question consume the data. http://sourceforge.net/projects/jbrofuzz Java版本
fuzzCIRT a simple fuzzer by Dennis Rand. Looks more suited for ASCII protocols than binary ones, but I could be wrong.(pl) http://www.cirt.dk/tools/ Perl,通过配置文件格式进行fuzzing

相关日志

楼被抢了 9 层了... 抢座Rss 2.0或者 Trackback

  • 游客

    今天好慢啊,慢的受不了,奇怪了,第一次这样。安徽长城宽带。

    • 鬼仔

      我最近也比较慢,前两天海底光缆不是断了吗?服务器放在国外,部分地区访问就是有问题。

  • ellle

    Good!鬼子去xcon了吧?

  • Inet.sec

    鬼仔哥,你的blog我好喜欢,能不能把你的主题给我发一份
    谢谢,感谢,希望得到你的支持萨

  • ellle

    我不行,还没到那个层次呢!xcon都快成一个安全聚会了。孙冰的固件安全不错!貌似国内的固件安全研究还比不上国外深入

  • xysky

    建议把fuzz做个分类:)
    路过兄弟的blog,留名:)

  • bolibei0801

    太好了,太有用了~~~

  • 冷暧自知

    求能给个邀请码。谢谢了

发表评论