Thursday, November 26, 2009

FireFuzzer - Fuzzing Tool has been Released

A Penetration Testing tool intended to find vulnerabilities in Web Pages especially Buffer Overflow and XSS

Firefuzzer is expected to perform black-box scans over the web pages. It will target the web page URL which is passed as an argument via command line and will mark the textboxes within the HTML forms to inject unacceptable data. Then, FireFuzzer will inject random textual data and submit the forms to see whether Exceptions are generated.

Intended vulnerabilities expected to be targeted include:
Buffer Overflow
Database Injection (SQL Injections)
File Handling Errors (fopen, readfile…)
XSS (Cross Site Scripting) Injection

Download: http://code.google.com/p/firefuzzer/downloads/list

Video demonstration: http://www.youtube.com

No comments: