Fuzzgrind is an automatic fuzzing tool which you can use to automate your fuzzing , testing, and other activity
Fuzzgrind fully automatic fuzzing tool, generating test files with the purpose of discovering new execution paths likely to trigger bugs and potentially vulnerabilities.
Fuzzgrind is based on the concept of symbolic execution. The tool starts from a file considered valid by the software under test, and analyses the execution path to extract any constraints tied to branch instructions followed by this software. By resolving constraints one by one, Fuzzgrind will alter the valid file to explore possible new branches of the software under test, in order to discover new vulnerabilities.
With this tool you can automate the same process but you cannot integrate it with other fuzzers. Thing is security professional cannot fuzz on live servers (once in a blue moon)for testing you need testing or UAT servers and thats were the catch is.
Simple to install and run
1. ./install
2. change the seting as per your need fuzz/settings.cfg
3. ./fuzz/gui.py
Download Fuzzgrind Here
Have Fun !!!
Related External Links
Searches leading to this post:
fuzzgrind,
utiliser Fuzzgrind help
If you enjoyed this article, you might also like:
- December 28, 2009 -- Microsoft IIS Zero Day Still Open!
A vulnerability has been identified in the Microsoft Internet Information Services (IIS) where the s... - August 8, 2010 -- iKAT: The Interactive Kiosk Attack Tool for all!
Designed as a SaaS, iKAT features many methods of escaping out of a browser jailed environment and g... - July 29, 2010 -- FuzzDiff : Tool for crash analysis during fuzz testing
A simple tool designed to help out with crash analysis during fuzz testing. It selectively "un-fuzze... - July 12, 2010 -- UPDATE: fuzzdb v1.08!
We have talked about fuzzdb in detail here. Now, it has been updated to version 1.08! fuzzdb helps ... - July 1, 2010 -- UPDATE: JBroFuzz 2.3!
OWASP has yet again updated and released the newest version of their fine tool – JBroFuzz. The curr... - June 29, 2010 -- UPDATE: Netsparker Community Edition 1.5.0.0!
We have detailed talked about Netsparker Community Edition here. Now it has been updated to the late... - June 23, 2010 -- Easy and Effective Way for Setting up a DNS Sinkhole!
Procedure and network admins talk about plugging all of the holes and securing their network of deni... - June 18, 2010 -- Integrate Nmap with NSE for Vulnerability Scanner.
Performing a vulnerability scan is extremely resources consuming. Why not add a effortless vulnerabi... - June 8, 2010 -- POET : Padding Oracle Exploit Tool
Practical Padding Oracle AttacksAt Eurocrypt 2002, Vaudenay introduced a powerful side-channel a...
Tagged as: application security, Fuzzer
Comments on this entry are closed.