A useful tool for fuzz job.
Project description
NFuzz
NFuzz has been created to conduct fuzzy testing and it is based on a simple concept: it generates the FUZZ keywords by an excellent fuzz grammar method that is created by this job. And it also provides a
Installation
To install NFuzz, simply use pip:
pip install nfuzz
Usage
A simple webFuzzer example base on Baidu homepage:
from nfuzz.WebFuzzer import WebFormFuzzer
from nfuzz.WebFuzzer import WebRunner
import requests
if __name__ == "__main__":
print('\n### A WebFormFuzzer')
httpd_url = "https://www.baidu.com/"
base_url = "https://www.baidu.com/"
web_form_fuzzer = WebFormFuzzer(httpd_url)
web_form_fuzzer.fuzz()
web_form_runner = WebRunner(base_url)
out = web_form_fuzzer.runs(web_form_runner, 100000)
print(out)
Generate random characters
from nfuzz.Fuzzer import RandomFuzzer
if __name__ == "__main__":
print('\n### Generate random characters')
fuzzer = RandomFuzzer()
print(fuzzer.fuzz())
Generate random characters
from nfuzz.Fuzzer import RandomFuzzer
if __name__ == "__main__":
print('\n### Generate random characters')
fuzzer = RandomFuzzer()
print(fuzzer.fuzz())
Generate random characters with MutationFuzzer
from nfuzz.MutationFuzzer import MutationFuzzer
seed_input = "http://www.baidu.com/"
mutation_fuzzer = MutationFuzzer(seed=[seed_input])
for i in range(20):
inp = mutation_fuzzer.fuzz()
print(inp)
Generate random characters with GrammarFuzzer
from nfuzz.GrammarFuzzer import GrammarFuzzer
URL_GRAMMAR = {
"<start>": ["<url>"],
"<url>":
["<scheme>://<domain><path><query>"],
"<scheme>":
["http", "https"],
"<domain>":
["<host>", "<host>:<port>"],
"<host>": # Just a few
["www.baidu.com", "lofter.com"],
"<port>":
["80", "8080", "<nat>"],
"<nat>":
["<digit>", "<digit><digit>"],
"<digit>":
["0", "1", "2", "3", "4", "5", "6", "7", "8", "9"],
"<path>": # Just a few
["", "/", "/<id>"],
"<id>": # Just a few
["abc", "def", "x<digit><digit>"],
"<query>":
["", "?<params>"],
"<params>":
["<param>", "<param>&<params>"],
"<param>": # Just a few
["<id>=<id>", "<id>=<nat>"],
}
if __name__ == "__main__":
f = GrammarFuzzer(URL_GRAMMAR, log=False, min_nonterminals=10)
for i in range(10):
res = f.fuzz()
print(res)
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
nfuzz-0.0.4.tar.gz
(19.9 kB
view details)
Built Distribution
nfuzz-0.0.4-py3-none-any.whl
(25.7 kB
view details)
File details
Details for the file nfuzz-0.0.4.tar.gz.
File metadata
- Download URL: nfuzz-0.0.4.tar.gz
- Upload date:
- Size: 19.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.4.1 importlib_metadata/3.10.0 pkginfo/1.7.0 requests/2.25.1 requests-toolbelt/0.9.1 tqdm/4.60.0 CPython/3.8.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 34799dbec29fb6ad46e5f8746b3020f51517877bf9892044a2a2d47b9ebd48c8 |
|
| MD5 | d2b31e0f1a34e4168ea06fc96473fdc5 |
|
| BLAKE2b-256 | 84a16a563b6765a395aaf0e06573568834d93601139f2723cf1fe0e3ef5e3e5f |
File details
Details for the file nfuzz-0.0.4-py3-none-any.whl.
File metadata
- Download URL: nfuzz-0.0.4-py3-none-any.whl
- Upload date:
- Size: 25.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.4.1 importlib_metadata/3.10.0 pkginfo/1.7.0 requests/2.25.1 requests-toolbelt/0.9.1 tqdm/4.60.0 CPython/3.8.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 575096dc0131c8f959fb61fb0acf2765f29673fb6364b8b958eb5b4de50accd2 |
|
| MD5 | 4e688ad3d2577711cf988528c19eb192 |
|
| BLAKE2b-256 | 7bbc3421c66b561e5a53496347530d71ef2472b705d1665e521569672f45d179 |
