Fast web fuzzer written in Go

Web path scanner

Web Pentesting Fuzz 字典,一个就够了。

syzkaller is an unsupervised coverage-guided kernel fuzzer

The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!

An step by step fuzzing tutorial. A GitHub Security Lab initiative

Ethereum smart contract fuzzer

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows and Linux user-mode (experimental!).

pentest framework

CATS is a REST API Fuzzer and negative testing tool for OpenAPI endpoints. CATS automatically generates, runs and reports tests with minimum configuration and no coding effort. Tests are self-healing and do not require maintenance.

Coverage-guided, in-process fuzzing for the JVM

DotDotPwn - The Directory Traversal Fuzzer

Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.

Documenting the Xilinx 7-series bit-stream format.

A collection of fuzzers in a harness for testing the SpiderMonkey JavaScript engine.

Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem

coverage guided fuzz testing for javascript

Windows NT x64 syscall fuzzer

SSL and TLS protocol test suite and fuzzer