API Fuzzer vs. FuzzDB vs. OWASP WSFuzzer vs. PHP Secure Comparison


API Fuzzer Fuzzapi	FuzzDB	OWASP WSFuzzer OWASP	PHP Secure
Learn More Update Features	Learn More Update Features	Learn More Update Features	Learn More Update Features



About API Fuzzer allows to fuzz-request attributes using common pentesting techniques and lists vulnerabilities. API Fuzzer gem accepts an API request as input and returns vulnerabilities possible in the API. Cross-site scripting vulnerability, SQL injection, blind SQL injection, XML external entity vulnerability, IDOR, API rate limiting, open redirect vulnerabilities, information disclosure flaws, info leakage through headers, and cross-site request forgery vulnerability.	About FuzzDB was created to increase the likelihood of finding application security vulnerabilities through dynamic application security testing. It's the first and most comprehensive open dictionary of fault injection patterns, predictable resource locations, and regex for matching server responses. FuzzDB contains comprehensive lists of attack payload primitives for fault injection testing. These patterns, categorized by the attack and where appropriate platform type, are known to cause issues like OS command injection, directory listings, directory traversals, source exposure, file upload bypass, authentication bypass, XSS, HTTP header crlf injections, SQL injection, NoSQL injection, and more. For example, FuzzDB catalogs 56 patterns that can potentially be interpreted as a null byte and contains lists of commonly used methods and name-value pairs that trigger debug modes.	About Fuzz testing or fuzzing is a software testing technique, that basically consists in finding implementation bugs using malformed/semi-malformed data injection in an automated fashion. Let’s consider an integer in a program, which stores the result of a user’s choice between 3 questions. When the user picks one, the choice will be 0, 1, or 2, which makes three practical cases. Integers are stored as a static size variable. If the default switch case hasn’t been implemented securely, the program may crash and lead to “classical” security issues. Fuzzing is the art of automatic bug finding, and its role is to find software implementation faults and identify them if possible. A fuzzer is a program that automatically injects semi-random data into a program/stack and detects bugs. The data-generation part is made of generators, and vulnerability identification relies on debugging tools. Generators usually use combinations of static fuzzing vectors.	About PHP Secure is a FREE code scanner that analyzes your PHP code for critical security vulnerabilities. Free online scanner: - Quickly and qualitatively finds web app vulnerabilities - Gives explicit reports and recommendations to fix vulnerabilities - Easy to use and requires no specialized knowledge - Reduces risk, saves budget, and boosts productivity PHP Secure Scanner is suitable for analyzing sites on Php, framework Laravel, and CMS Wordpress, Drupal and Joomla. PHP Secure detects the most common and dangerous types: -SQL injection vulnerabilities -Command Injection -Cross-Site Scripting (XSS) Vulnerabilities -PHP Serialize Injections -Remote Code Executions -Double Escaping -Directory Traversal -Regular Expression Denial of Service (ReDos)
Platforms Supported Windows Mac Linux Cloud On-Premises iPhone iPad Android Chromebook	Platforms Supported Windows Mac Linux Cloud On-Premises iPhone iPad Android Chromebook	Platforms Supported Windows Mac Linux Cloud On-Premises iPhone iPad Android Chromebook	Platforms Supported Windows Mac Linux Cloud On-Premises iPhone iPad Android Chromebook
Audience Individuals wanting a tool to find vulnerabilities in their code and test their applications	Audience Anyone requiring a security scanner solution to test their application protocols	Audience Professional users looking for a solution to find bugs automatically	Audience CEO, Founder, Co-founder, whose websites have already been hacked before and who has real risks of losing money.
Support Phone Support 24/7 Live Support Online	Support Phone Support 24/7 Live Support Online	Support Phone Support 24/7 Live Support Online	Support Phone Support 24/7 Live Support Online
API Offers API	API Offers API	API Offers API	API Offers API
Screenshots and Videos View more images or videos	Screenshots and Videos View more images or videos	Screenshots and Videos View more images or videos	Screenshots and Videos View more images or videos
Pricing Free Free Version Free Trial	Pricing Free Free Version Free Trial	Pricing No information available. Free Version Free Trial	Pricing No information available. Free Version Free Trial
Reviews/Ratings Overall 0.0 / 5 ease 0.0 / 5 features 0.0 / 5 design 0.0 / 5 support 0.0 / 5 This software hasn't been reviewed yet. Be the first to provide a review: Review this Software	Reviews/Ratings Overall 0.0 / 5 ease 0.0 / 5 features 0.0 / 5 design 0.0 / 5 support 0.0 / 5 This software hasn't been reviewed yet. Be the first to provide a review: Review this Software	Reviews/Ratings Overall 0.0 / 5 ease 0.0 / 5 features 0.0 / 5 design 0.0 / 5 support 0.0 / 5 This software hasn't been reviewed yet. Be the first to provide a review: Review this Software	Reviews/Ratings Overall 0.0 / 5 ease 0.0 / 5 features 0.0 / 5 design 0.0 / 5 support 0.0 / 5 This software hasn't been reviewed yet. Be the first to provide a review: Review this Software
Training Documentation Webinars Live Online In Person	Training Documentation Webinars Live Online In Person	Training Documentation Webinars Live Online In Person	Training Documentation Webinars Live Online In Person
Company Information Fuzzapi github.com/Fuzzapi/API-fuzzer	Company Information FuzzDB github.com/fuzzdb-project/fuzzdb	Company Information OWASP United States owasp.org/www-community/Fuzzing	Company Information PHP Secure Founded: 2022 United Kingdom phpsecure.net
Alternatives Vega Subgraph	Alternatives OWASP WSFuzzer OWASP	Alternatives ClusterFuzz Google	Alternatives Vega Subgraph
Wapiti	API Fuzzer Fuzzapi	Google ClusterFuzz Google	WebScanner DefenseCode
OWASP WSFuzzer OWASP	Wfuzz	Fuzzing Project	Wapiti
Awesome Fuzzing secfigo	CI Fuzz Code Intelligence	FuzzDB	API Fuzzer Fuzzapi
Honggfuzz Google View All	Wapiti View All	LibFuzzer LLVM Project View All	WebReaver Websecurify View All
Categories Fuzz Testing	Categories Fuzz Testing	Categories Fuzz Testing	Categories Vulnerability Scanners
			Show More Features Vulnerability Scanners Features Asset Discovery Black Box Scanning Compliance Monitoring Continuous Monitoring Defect Tracking Interactive Scanning Logging and Reporting Network Mapping Perimeter Scanning Risk Analysis Threat Intelligence Web Inspection
Integrations BlackArch Linux CI Fuzz GitHub GitLab NoSQL OWASP ZAP PHP Ruby View All 1 Integration	Integrations BlackArch Linux CI Fuzz GitHub GitLab NoSQL OWASP ZAP PHP Ruby View All 3 Integrations	Integrations BlackArch Linux CI Fuzz GitHub GitLab NoSQL OWASP ZAP PHP Ruby View All 1 Integration	Integrations BlackArch Linux CI Fuzz GitHub GitLab NoSQL OWASP ZAP PHP Ruby View All 3 Integrations
Claim API Fuzzer and update features and information Claim API Fuzzer and update features and information	Claim FuzzDB and update features and information Claim FuzzDB and update features and information	Claim OWASP WSFuzzer and update features and information Claim OWASP WSFuzzer and update features and information	Claim PHP Secure and update features and information Claim PHP Secure and update features and information