Fuzzowski – The Network Protocol Fuzzer That We Will Want To Use

From kitploit.com

The idea is to be the Network Protocol Fuzzer that we will want to use.
The aim of this tool is to assist during the whole process of fuzzing a network protocol, allowing to define the communications, helping to identify the “suspects” of crashing a service, and much more

  • Data Generation modules fully recoded (Primitives, Blocks, Requests)
    • Improved Strings fuzzing libraries, allowing also for custom lists, files and callback commands
    • Variable data type, which takes a variable set by the session, the user or a Response
  • Session fully recoded. Now it is based on TestCases, which contains all the information needed to perform the request, check the response, store data such as errors received, etc.
  • Responses added. Now you can define responses with s_response(), This allows to check the response from the server, set variables and even perform additional tests on the response to check if something is wrong
  • Monitors now automatically mark TestCases as suspect if they fail
  • Added the IPP (Internet Printing Protocol) Fuzzer that we used to find several vulnerabilities in different printer brands during our printers research project (https://www.youtube.com/watch?v=3X-ZnlyGuWc&t=7s)

Read more…