vFeed


Tools no image

Published on May 27th, 2011 | by NJ Ouchn

0

nuf-fuzzer v0.0.1 pre-release available

nuf-fuzzer will be browser fuzzer written in C inspired by mangleme. It will be complex browser fuzzer with integrated HTTP server and logger. It will use several sophisticated algorythms to generate payloads.

 

Features:

  • HTML tags fuzzing
  • CSS tags fuzzing
  • DOM objects fuzzing
  • javascript functions fuzzing
  • designed to run as daemon
  • logging
  • various payload algorithms

 

Use:

For compilation use Makefile in root directory. Then you can use nuf-fuzzer with following way from command line:

nuf-fuzzer [ -rc CLIENTCOMMAND ] [-p SERVERPORT ] [ -en ERRORCOUNT ]

nuf-fuzzer run server, then run browser and redirect it to address of runned server and port on what is server runned. Then testing browser with automatic generated payloads, while is searched error. When is reached error browser is runs again.
You can run nuf-fuzzer with following parameters:

CLIENTCOMMAND – this command is use to run client browser and redirect it to required address

SERVERPORT – integer number, on this number is run HTTP server

ERRORCOUNT – integer number, that means count of reached errors(browser is running again ERRORCOUNT times)

Example for Win+cygwin:

Example of use

 

Implementation:

nuf-fuzzer will be implemented like it is show at follow image as abstract class diagram.

Class diagram

Tags: , , , ,


About the Author

"Passion is needed for any great work, and for the revolution, passion and audacity are required in big doses"



Back to Top ↑