Taof 0.2 available now!

Taof is a GUI cross-platform Python generic network protocol fuzzer. It has been designed for minimizing set-up time during fuzzing sessions and it is specially useful for fast testing of proprietary or undocumented protocols.

Version 0.2 fixes a number of bugs and includes new exciting features such as the implementation of dictionary attacks and the possibility of including a variable length field on the fuzzed request.

Download it from:
http://sourceforge.net/project/showfiles.php?group_id=176014

Here is a summary of all the changes made:

Version 0.2

- Fixed a bug whereby fuzzing points were deleted from the interface but not from the configuration file.
- Added double-clik functionality to the list of requests.
- Added the length of the injected string on the debugging file
- Corrected bug when the user clicked "Stop" during fuzzing sessions
- Several typos on the debugging messages corrected
- Reconnection tries decresed to two
- Finished implementation of variable lenght field
- Now arithmetic signatures have been revised and 3 formats are always sent: ascii, little endian and big endian
- When setting fuzzing points, now it is possible to close the dialog by pressing ESC
- Fixed bug whereby in Windows new lines where translated into "\r\r\n" sequence
- It is now possible to read entries from a dictionary and inject them for dictionary attacks
- Taof now uses the timeoutsocket.py library
- it is now possible to setup the timeouts for requests
- Fixed a bug that made the redirector to stop working due to a bad context management
- Help is now a HTML file
- Help is now displayed in a web browser
- Fixed button interface for stoping fuzzing process
- Fixed a bug whereby the forwarding listener remained running
- Sorted out several issues with the paths and locations for saving files

Version 0.1
- First public release

Posted by Rodrigo Marcos 2006-11-16

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks