This tool intends to use fuzz-testing methods to find various vulnerabilities in server-side JavaScript
code, in particular, in NodeJS
. JSFuzz is widely based on AFL as a coverage-oriented fuzzer, with modifications to meet the requirements of dynamic languages in general, and JavaScript
in particular. In contrast with existing tools, JSFuzz intends to find vulnerabilities using White-Box fuzzing methods combined with gathering vital data using static analysis.
For more details visit FuzzMon
's wiki page
For installation and basic usage examples of FuzzMon
, please visit the getting started wiki page
The code in this repository was written by Benny Zeltser (https://github.com/benny-z)