Published on January 12th, 2016

Boofuzz fuzzing framework


Boofuzz is a fork of and the successor to the Sulley fuzzing framework. Besides numerous bug fixes, boofuzz aims for extensibility, with the eventual goal of being able to fuzz literally anything. Sulley has been the preeminent open source fuzzer for some time, but has fallen out of maintenance.

Features

Like Sulley, boofuzz incorporates all the critical elements of a fuzzer:

  • Easy and quick data generation.
  • Instrumentation, AKA failure detection.
  • Target reset after failure.
  • Recording of test data.

 

Unlike Sulley, boofuzz also features:

  • Much easier install experience!
  • Support for arbitrary communications mediums.
  • Extensible instrumentation/failure detection.
  • Better recording of test data.
  • Far fewer bugs.

 

Sulley is affectionately named after the creature from Monsters Inc., because of his fuzziness.

Prerequisites

Boofuzz requires Python. Recommended installation requires pip.

sudo apt-get install python-pip

 

Binary Install – Windows Only

  1. Download the latest wheel (.whl) file from the releases page.
  2. pip install boofuzz-latest-version.whl

 

From Source

  1. Download source code: https://github.com/jtpereyda/boofuzz
  2. Install. Run pip from within the boofuzz directory:
    • Ubuntu: `sudo pip install .`
    • Windows: `pip install .`

Tips:

  • Use the -e option for developer mode, which allows changes to be seen automatically without reinstalling:
    `sudo pip install -e .`
    
  • To install unit test dependencies as well:
    `sudo pip install -e .[testing]`
    
  • If you’re behind a proxy:
    `set HTTPS_PROXY=https://your.proxy.com:port`
    
    • On Linux, also use sudo's -E option: `sudo -E pip install -e .`
