Fuzzing is a process that is used during a penetration testing to find out if the application is vulnerable, the process come by sending incorrect data to the targeted application in order to cause a failure or an error situation that security analyst will use as a PoC in their report. Fuzzware is a generic fuzzing framework that can be considered for such operation.
Fuzzware allows to make testcases as required:
- fuzz a file format such as XML file.
- fuzz network protocol or a network service by sending a predefined network packets.
- fuzz an interface that you need to test including web services.
- you can define a custom input that is coming from a code.
you can download Fuzzware 1.5 over this link: http://www.fuzzware.net/download