Friday, March 6, 2015

Web Server/HTTP Fuzzer

Was searching for basic HTTP/Web Server Fuzzer but could not find one.
So ended by writing this quick dirty Fuzzer.

Features

Supports 40 different Request Methods
Supports around 40 Request Headers
Can send invalid request methods and headers
Fuzz Methods and Headers
Fuzz Headers with XSS String(s), blank strings, huge buffer

https://github.com/praveendhac/VulnerabilityResearch/blob/master/WebServer_Fuzzer.py

Please drop comments if you want me to add new feature(s).

2 comments:

  1. Does this Fuzzer only check Advantech/Broadwin Environment?

    ReplyDelete
  2. @clubmaster,
    I was testing Broadwin, you can change the URL as per your requirement

    ReplyDelete