About
API Fuzzer allows to fuzz-request attributes using common pentesting techniques and lists vulnerabilities. API Fuzzer gem accepts an API request as input and returns vulnerabilities possible in the API. Cross-site scripting vulnerability, SQL injection, blind SQL injection, XML external entity vulnerability, IDOR, API rate limiting, open redirect vulnerabilities, information disclosure flaws, info leakage through headers, and cross-site request forgery vulnerability.
|
About
FuzzDB was created to increase the likelihood of finding application security vulnerabilities through dynamic application security testing. It's the first and most comprehensive open dictionary of fault injection patterns, predictable resource locations, and regex for matching server responses. FuzzDB contains comprehensive lists of attack payload primitives for fault injection testing. These patterns, categorized by the attack and where appropriate platform type, are known to cause issues like OS command injection, directory listings, directory traversals, source exposure, file upload bypass, authentication bypass, XSS, HTTP header crlf injections, SQL injection, NoSQL injection, and more. For example, FuzzDB catalogs 56 patterns that can potentially be interpreted as a null byte and contains lists of commonly used methods and name-value pairs that trigger debug modes.
|
About
LibFuzzer is an in-process, coverage-guided, evolutionary fuzzing engine. LibFuzzer is linked with the library under test, and feeds fuzzed inputs to the library via a specific fuzzing entry point (or target function); the fuzzer then tracks which areas of the code are reached, and generates mutations on the corpus of input data in order to maximize the code coverage. The code coverage information for libFuzzer is provided by LLVM’s SanitizerCoverage instrumentation. LibFuzzer is still fully supported in that important bugs will get fixed. The first step in using libFuzzer on a library is to implement a fuzz target, a function that accepts an array of bytes and does something interesting with these bytes using the API under test. Note that this fuzz target does not depend on libFuzzer in any way so it is possible and even desirable to use it with other fuzzing engines like AFL and/or Radamsa.
|
About
PHP Secure is a FREE code scanner that analyzes your PHP code for critical security vulnerabilities. Free online scanner:
- Quickly and qualitatively finds web app vulnerabilities
- Gives explicit reports and recommendations to fix vulnerabilities
- Easy to use and requires no specialized knowledge
- Reduces risk, saves budget, and boosts productivity
PHP Secure Scanner is suitable for analyzing sites on Php, framework Laravel, and CMS Wordpress, Drupal and Joomla.
PHP Secure detects the most common and dangerous types:
-SQL injection vulnerabilities
-Command Injection
-Cross-Site Scripting (XSS) Vulnerabilities
-PHP Serialize Injections
-Remote Code Executions
-Double Escaping
-Directory Traversal
-Regular Expression Denial of Service (ReDos)
|
|||
Platforms Supported
Windows
Mac
Linux
Cloud
On-Premises
iPhone
iPad
Android
Chromebook
|
Platforms Supported
Windows
Mac
Linux
Cloud
On-Premises
iPhone
iPad
Android
Chromebook
|
Platforms Supported
Windows
Mac
Linux
Cloud
On-Premises
iPhone
iPad
Android
Chromebook
|
Platforms Supported
Windows
Mac
Linux
Cloud
On-Premises
iPhone
iPad
Android
Chromebook
|
|||
Audience
Individuals wanting a tool to find vulnerabilities in their code and test their applications
|
Audience
Anyone requiring a security scanner solution to test their application protocols
|
Audience
Users requiring a fuzzing engine to analyze their code and applications
|
Audience
CEO, Founder, Co-founder, whose websites have already been hacked before and who has real risks of losing money.
|
|||
Support
Phone Support
24/7 Live Support
Online
|
Support
Phone Support
24/7 Live Support
Online
|
Support
Phone Support
24/7 Live Support
Online
|
Support
Phone Support
24/7 Live Support
Online
|
|||
API
Offers API
|
API
Offers API
|
API
Offers API
|
API
Offers API
|
|||
Screenshots and Videos |
Screenshots and Videos |
Screenshots and Videos |
Screenshots and Videos |
|||
Pricing
Free
Free Version
Free Trial
|
Pricing
Free
Free Version
Free Trial
|
Pricing
Free
Free Version
Free Trial
|
Pricing
No information available.
Free Version
Free Trial
|
|||
Reviews/
|
Reviews/
|
Reviews/
|
Reviews/
|
|||
Training
Documentation
Webinars
Live Online
In Person
|
Training
Documentation
Webinars
Live Online
In Person
|
Training
Documentation
Webinars
Live Online
In Person
|
Training
Documentation
Webinars
Live Online
In Person
|
|||
Company InformationFuzzapi
github.com/Fuzzapi/API-fuzzer
|
Company InformationFuzzDB
github.com/fuzzdb-project/fuzzdb
|
Company InformationLLVM Project
Founded: 2003
llvm.org/docs/LibFuzzer.html
|
Company InformationPHP Secure
Founded: 2022
United Kingdom
phpsecure.net
|
|||
Alternatives |
Alternatives |
Alternatives |
Alternatives |
|||
|
|
|
|
||||
|
|
|
|
||||
|
|
|
|
||||
|
|
|
|
||||
Categories |
Categories |
Categories |
Categories |
|||
Vulnerability Scanners Features
Asset Discovery
Black Box Scanning
Compliance Monitoring
Continuous Monitoring
Defect Tracking
Interactive Scanning
Logging and Reporting
Network Mapping
Perimeter Scanning
Risk Analysis
Threat Intelligence
Web Inspection
|
||||||
Integrations
Atheris
BlackArch Linux
C
C++
ClusterFuzz
Fuzzbuzz
GitHub
GitLab
Google ClusterFuzz
Jazzer
|
Integrations
Atheris
BlackArch Linux
C
C++
ClusterFuzz
Fuzzbuzz
GitHub
GitLab
Google ClusterFuzz
Jazzer
|
Integrations
Atheris
BlackArch Linux
C
C++
ClusterFuzz
Fuzzbuzz
GitHub
GitLab
Google ClusterFuzz
Jazzer
|
Integrations
Atheris
BlackArch Linux
C
C++
ClusterFuzz
Fuzzbuzz
GitHub
GitLab
Google ClusterFuzz
Jazzer
|
|||
|
|
|
|
|
