Results 1 to 2 of 2

Thread: fuzzdb: Attack and Discovery Pattern Database for Web Application Fuzz Testing

  1. #1
    Just burned his ISO
    Join Date
    Apr 2010
    Posts
    1

    Default fuzzdb: Attack and Discovery Pattern Database for Web Application Fuzz Testing

    fuzzdb is a comprehensive set of known attack pattern sequences, predictable locations, and error messages for intelligent brute force testing and exploit condition identification of web applications, categorized by attack type, platform, and application.

    It's like a non-automated open source scanner without the scanner. I most frequently use it with Burp Intruder.

    fuzzdb - Project Hosting on Google Code

    You use the download .tgz expanded and installed using your own .deb based package system. It's contents are an anonymous svn checkout, so someone could update on the fly from the repo or just wait for your .deb repo to get the new download version.

  2. #2
    Just burned his ISO
    Join Date
    Sep 2008
    Posts
    10

    Default Re: fuzzdb: Attack and Discovery Pattern Database for Web Application Fuzz Testing

    Good resource routinely used in pentest. This should be added.

Similar Threads

  1. Looking to learn web application testing, any pointers?
    By natedmac in forum Experts Forum
    Replies: 12
    Last Post: 05-28-2010, 02:53 PM
  2. WPA TKIP RC4 keystream discovery attack Part.2
    By vertigo in forum OLD Wireless
    Replies: 1
    Last Post: 03-30-2010, 02:03 AM
  3. Testing cold fusion application ????
    By while in forum OLD BackTrack 4 General Support
    Replies: 0
    Last Post: 01-21-2010, 02:44 PM
  4. fuzz messenger
    By narfu in forum OLD Pentesting
    Replies: 2
    Last Post: 07-21-2008, 07:07 PM
  5. Testing web based application
    By Magnet in forum OLD BackTrack v2.0 Final
    Replies: 5
    Last Post: 08-01-2007, 07:15 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •