380 Open source projects that are alternatives of or similar to Clusterfuzz

OSS-Fuzz - continuous fuzzing for open source software.

OpenType font file format fuzzer for Windows

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

This is a repo is to upload files done during my research.

ClusterFuzzLite - Simple continuous fuzzing that runs in CI.

Integrates Dependency-Check reports into SonarQube

Advisories, proof of concept files and exploits that have been made public by @pedrib.

快速搭建各种漏洞环境(Various vulnerability environment)

Protocol Learning and Stateful Fuzzing

A curated list of awesome Fuzzing(or Fuzz Testing) for software security

WEB SERVICE SECURITY ASSESSMENT TOOL

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

JQF + Zest: Coverage-guided semantic fuzzing for Java.

Utilities for automated crash sample processing/analysis, easy afl-fuzz job management and corpus optimization

A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.

hacker, ready for more of our story ! 🚀

A friendly car security exploration tool for the CAN bus

A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.

An small overview of known Android vulnerabilities

Pentest Report Generator

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

Kubei is a flexible Kubernetes runtime scanner, scanning images of worker and Kubernetes nodes providing accurate vulnerabilities assessment, for more information checkout:

Fuzzing Browsers

A Docker Image For the Open Vulnerability Assessment Scanner (OpenVAS)

Performing security tests inside your CI

Snyk's public vulnerability database

ProFuzzBench - A Benchmark for Stateful Protocol Fuzzing

WinAppDbg Debugger

CVE Alerting Platform

This repository is a collection of resources to prepare for the Certified Kubernetes Security Specialist (CKSS) exam.

DARPA Challenges Sets for Linux, Windows, and macOS

A list of web application security

Fuzzing resources for feeding various fuzzers with input. 🔧

Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.

Zip Slip Vulnerability (Arbitrary file write through archive extraction)

Web Pentesting Fuzz 字典,一个就够了。

A vulnerability scanner for container images and filesystems

Snyk CLI scans and monitors your projects for security vulnerabilities.

Randomized testing for Go

Fuzzer for Linux Kernel Drivers

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

Infosec Wordlists

QSYM: A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing

OWSAP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server communication.

Fuzzing framework written in python

Fuzzing cryptographic libraries. Magic bug printer go brrrr.

Security advisory database for Rust crates published through crates.io

Hunt for security weaknesses in Kubernetes clusters

swiss army knife for hackers

A few SQL and XSS attack tools

This experimetal fuzzer is meant to be used for API in-memory fuzzing.

Thin interface for libFuzzer, an in-process, coverage-guided, evolutionary fuzzing engine.

Secure, Unified, Powerful and Extensible Rust Android Analyzer

Compress long exception traces down to short signatures

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

渗透测试人员专用精简化字典 Dictionary for penetration testers happy hacker

PyJFuzz - Python JSON Fuzzer

Python based tool for testing whether your API conforms to its Swagger schema

ConPan: Analyze your Docker container in peace

Produce code coverage results with gcov from afl-fuzz test cases