Security-List/wiki_fuzzing.md
euphrat1ca 26ee6a11c9 262
262
2020-05-06 23:37:06 +08:00

25 lines
2.3 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Fuzzer模糊测试
- 工控模糊测试Wurldtech Achilles阿基里斯国际认证
## 模糊测试数据资料
- http://www.freebuf.com/articles/rookie/169413.html //一系列用于Fuzzing学习的资源汇总
- https://github.com/secfigo/Awesome-Fuzzing //Fuzzing模糊测试相关学习资料
- https://github.com/fuzzdb-project/fuzzdb //fuzz资料数据库
- https://github.com/raminfp/linux_exploit_development //linux漏洞利用开发手册
- https://github.com/mozillasecurity/fuzzdata //
## 模糊测试框架工具
- https://github.com/googleprojectzero/winafl //C.Google Project Zero 基于Windows AFL开发的模糊测试框架。原创技术分析-AFL漏洞挖掘技术漫谈
- http://zeroyu.xyz/2019/05/15/how-to-use-afl-fuzz/ //intro.AFL使用指南
- https://github.com/mxmssh/drAFL //C.Linux模糊测试。G:atrosinenko/kbdysch;G:google/oss-fuzz;
- https://github.com/zyw-200/FirmAFL //C.针对iot固件IoT firmware灰盒模糊测试
- https://www.peach.tech/ //C#.Peach3网络协议、API、文件格式模糊测试。G:TideSec/Peach_Fuzzing;
- https://github.com/MozillaSecurity/peach //PY3.MozPeach是Peach v2.7的一个分支由Mozilla Security维护。
- https://mp.weixin.qq.com/s/yYkbysywQXD5l-SS0jQ3_A //intro.使用Peach进行模糊测试从入门到放弃。P:【工控安全】基于Peach的Modbus协议模糊测试;
- https://github.com/cisco-sas/kitty //PY.针对TCP/IP的模糊测试框架。goodjob
- https://kitty.readthedocs.io/en/latest/ //intro.kitty使用手册
- https://github.com/cisco-sas/katnip //PY.kitty框架的拓展库
- https://paper.seebug.org/772/ //INTRO.如何使用 KittyFuzzer 结合 ISF 中的工控协议组件对工控协议进行 Fuzz
- https://github.com/jtpereyda/boofuzz //PY.基于OpenRCE/sulley框架二次开发的网络协议fuzz测试。G:OpenRCE/sulley
- https://github.com/k0keoyo/kDriver-Fuzzer //C.基于ioctlbf框架编写的驱动漏洞挖掘工具kDriver Fuzzer
- https://github.com/google/honggfuzz //C.具有反馈驱动Feedback-Driven的持续性软件代码测试。2k。
- https://github.com/bunzen/pySSDeep //PY.一个基于模糊哈希Fuzzy Hashing算法的工具。G:glaslos/ssdeep;G:ssdeep-project/ssdeep
- http://blog.topsec.com.cn/alphafuzzer/ //启明星辰阿尔法实验室以文件格式为主的漏洞挖掘工具