nuf-fuzzer v0.0.1 pre-release available
nuf-fuzzer will be browser fuzzer written in C inspired by mangleme. It will be complex browser fuzzer with integrated HTTP server and logger. It will use several sophisticated algorythms to generate payloads.
- HTML tags fuzzing
- CSS tags fuzzing
- DOM objects fuzzing
- designed to run as daemon
- various payload algorithms
For compilation use Makefile in root directory. Then you can use nuf-fuzzer with following way from command line:
nuf-fuzzer [ -rc CLIENTCOMMAND ] [-p SERVERPORT ] [ -en ERRORCOUNT ]
nuf-fuzzer run server, then run browser and redirect it to address of runned server and port on what is server runned. Then testing browser with automatic generated payloads, while is searched error. When is reached error browser is runs again.
You can run nuf-fuzzer with following parameters:
CLIENTCOMMAND – this command is use to run client browser and redirect it to required address
SERVERPORT – integer number, on this number is run HTTP server
ERRORCOUNT – integer number, that means count of reached errors(browser is running again ERRORCOUNT times)
Example for Win+cygwin:
nuf-fuzzer will be implemented like it is show at follow image as abstract class diagram.