This tool intends to use fuzz-testing methods to find various vulnerabilities in server-side JavaScript code, in particular, in NodeJS. JSFuzz is widely based on AFL as a coverage-oriented fuzzer, with modifications to meet the requirements of dynamic languages in general, and JavaScript in particular. In contrast with existing tools, JSFuzz intends to find vulnerabilities using White-Box fuzzing methods combined with gathering vital data using static analysis.
For more details visit FuzzMon's wiki page
For installation and basic usage examples of FuzzMon, please visit the getting started wiki page
The code in this repository was written by Benny Zeltser (https://github.com/benny-z)