Skip to content

catenacyber/webfuzz

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits

corprint

corprint

 
 

libfuzzer

libfuzzer

 
 

pcap2corp

pcap2corp

 
 

stringdict

stringdict

 
 

webfuzz

webfuzz

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

compile.txt

compile.txt

 
 

Repository files navigation

webfuzz

This is a fuzzer against web applications. It uses request URI and response to infer some coverage to guid fuzzing It uses libFuzzer extra counters

Utils

  • Pcap2corp : takes a pcap as input and extracts a seed corpus out of it (ie the HTTP requests)
  • stringdict : parses a Go file and extract the constant strings out of them to generate a libFuzzer dictionary

TODOs

  • use the replies to infer URIs and parameters (ie add them to the dictionary) ie crawling capabilities
  • have a flexible way to get more valid requests (ie less fuzzing of the HTTP protocol, and the json parser...)
  • find duplicate coverage (ie if uri /foo/bar, /foo/baz and /foo/whatever are aliases to the same code)
  • create an authenticated session (without needing to reuse the cookie from the seed corpus)

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

28 stars

Watchers

3 watching

Forks

6 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages