Awesome-Mirrors/Awesome-Fuzzing
1
0
Fork 0
mirror of https://github.com/secfigo/Awesome-Fuzzing.git synced 2025-03-12 17:26:41 -04:00
Code Issues Packages Projects Releases Wiki Activity

Added few more fuzzers and two talks to youtube list

Browse Source 
Fuzzers:
ShellPhish Fuzzer
Honggfuzz
Hodor

Talks:
From @hanno and @marcograss
This commit is contained in:
Mohammed A Imran 2016-09-07 08:48:46 +08:00 committed by GitHub
parent c889a76856
commit 801312605e
1 changed files with 21 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
README.md
View File

@ -84,8 +84,9 @@ IDA Pro - The IDA Pro Book: The Unofficial Guide to the World's Most Popular Dis
<a name="conf-talks-tutorials" />
### Conference talks/tutorials on Fuzzing
[Youtube Playlist of various fuzzing talks and presentations ](https://www.youtube.com/playlist?list=PLtPrYlwXDImiO_hzK7npBi4eKQQBgygLD)
Consider watching talks from Charlie Miller,
[Youtube Playlist of various fuzzing talks and presentations ](https://www.youtube.com/playlist?list=PLtPrYlwXDImiO_hzK7npBi4eKQQBgygLD) - Lots of good content in these videos.
[Browser bug hunting - Memoirs of a last man standing](https://vimeo.com/109380793) - by Atte Kettunen
<a name="tutorials" />
@ -136,6 +137,7 @@ https://www.corelan.be/index.php/2013/02/26/root-cause-analysis-memory-corruptio
[RAM disks and saving your SSD from AFL Fuzzing](http://cipherdyne.org/blog/2014/12/ram-disks-and-saving-your-ssd-from-afl-fuzzing.html)
##### Spike Fuzzer related tutorials
[Fuzzing with Spike to find overflows](http://null-byte.wonderhowto.com/how-to/hack-like-pro-build-your-own-exploits-part-3-fuzzing-with-spike-find-overflows-0162789/)
@ -145,6 +147,10 @@ https://www.corelan.be/index.php/2013/02/26/root-cause-analysis-memory-corruptio
##### FOE Fuzzer related tutorials
[Fuzzing with FOE](https://samsclass.info/127/proj/p16-fuzz.htm) - by Samclass.info
##### SMT/SAT solver tutorials
[Z3 - A guide](http://rise4fun.com/z3/tutorial/guide) - Getting Started with Z3: A Guide
<a name="tools" />
## Tools
@ -162,6 +168,8 @@ https://www.corelan.be/index.php/2013/02/26/root-cause-analysis-memory-corruptio
[Win AFL](https://github.com/ivanfratric/winafl) - A fork of AFL for fuzzing Windows binaries by Ivan Fratic
[Shellphish Fuzzer](https://github.com/shellphish/fuzzer) - A Python interface to AFL, allowing for easy injection of testcases and other functionality.
[TriforceAFL](https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2016/june/project-triforce-run-afl-on-everything/) - A modified version of AFL that supports fuzzing for applications whose source code not available.
[Peach Fuzzer](https://peachfuzz.sourceforge.net/) - Framework which helps to create custom dumb and smart fuzzers.
@ -172,7 +180,7 @@ https://www.corelan.be/index.php/2013/02/26/root-cause-analysis-memory-corruptio
[rmadair](http://rmadair.github.io/fuzzer/) - mutation based file fuzzer that uses PyDBG to monitor for signals of interest.
[hongfuzz](https://github.com/google/honggfuzz) - A general-purpose, easy-to-use fuzzer with interesting analysis options. Supports feedback-driven fuzzing based on code coverage. Supports GNU/Linux, FreeBSD, Mac OSX and Android.
[honggfuzz](https://github.com/google/honggfuzz) - A general-purpose, easy-to-use fuzzer with interesting analysis options. Supports feedback-driven fuzzing based on code coverage. Supports GNU/Linux, FreeBSD, Mac OSX and Android.
[zzuf](https://github.com/samhocevar/zzuf) - A transparent application input fuzzer. It works by intercepting file operations and changing random bits in the program's input.
@ -195,6 +203,14 @@ https://www.corelan.be/index.php/2013/02/26/root-cause-analysis-memory-corruptio
[Nightmare](https://github.com/joxeankoret/nightmare) - A distributed fuzzing testing suite with web administration, supports fuzzing using network protocols.
<a name="Misc" />
### Misc. like Kernel Fuzzers, general purpose fuzzer etc.,
[KernelFuzzer](https://github.com/mwrlabs/KernelFuzzer) - Cross Platform Kernel Fuzzer Framework.
[honggfuzz](http://google.github.io/honggfuzz/) - A general-purpose, easy-to-use fuzzer with interesting analysis options.
[Hodor Fuzzer](https://github.com/nccgroup/hodor) - Yet Another general purpose fuzzer.
<a name="taint-analysis" />
### Taint Analysis ( How user input affects the execution)
@ -266,6 +282,8 @@ Exploit-DB - https://www.exploit-db.com
##### Samples files for seeding during fuzzing:
https://files.fuzzing-project.org/
[PDF Test Corpus from Mozilla] (https://github.com/mozilla/pdf.js/tree/master/test/pdfs)
[MS Office file format documentation](https://www.microsoft.com/en-us/download/details.aspx?id=14565)
<a name="contribution"/>