The OWASP JBroFuzz Project is a web application fuzzer for requests being made over HTTP and/or HTTPS. Its purpose is to provide a single, portable application that offers stable web protocol fuzzing capabilities.

Features

  • Commandline support - main class analyzing and executing the commandline options
  • Added --no-execute option to command line support
  • Added "Connection: close" preference option to be added to the headers automatically
  • Massive UI revamp for Fuzzing Tab: Contains 3 Sub-Tabs: Input, Output, On the wire
  • Introduction of Fuzzing Transforms for those double-URL, triple-Base64 encodings
  • Added HTTP proxy support & authentication for checking updates
  • EncoderHashWindow improvements in keeping history within different row selections
  • Fixed ZBase32 Encoding/Decoding to work as Phil wants it to
  • Prefix/Suffix in Fuzzer Transforms: http://www.owasp.org/index.php/OWASP_JBroFuzz_Tutorial#Added_Fuzzer_Transformations
  • Added a plain-text encoder, similar to Zero-Fuzzer for theoretical completeness
  • Fixed a bunch of supposed "security holes" reported by static analyzers
  • Small Oracle payloads update

Project Samples

Sending single requests to a list of different web servers A pie chart of the status codes obtained while fuzzing

Project Activity

See All Activity >

Categories

Security

License

GNU General Public License version 2.0 (GPLv2)

Follow JBroFuzz

JBroFuzz Web Site

Other Useful Business Software
Easily Host LLMs and Web Apps on Cloud Run Icon
Easily Host LLMs and Web Apps on Cloud Run

Run everything from popular models with on-demand NVIDIA L4 GPUs to web apps without infrastructure management.

Run frontend and backend services, batch jobs, host LLMs, and queue processing workloads without the need to manage infrastructure. Cloud Run gives you on-demand GPU access for hosting LLMs and running real-time AI—with 5-second cold starts and automatic scale-to-zero so you only pay for actual usage. New customers get $300 in free credit to start.
Try Cloud Run Free
Rate This Project
Login To Rate This Project

User Ratings

5.0 out of 5 stars
★★★★★
★★★★
★★★
★★
1
0
0
0
0
ease 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5
features 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5
design 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5
support 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

User Reviews

Filter Reviews:
All
  • yns000 Posted 2009-12-23
    The best way of communicating a web vulnerability with .jbrofuzz files
Read more reviews >

Additional Project Details

Operating Systems

BSD, Linux, Windows

Intended Audience

Advanced End Users, Information Technology, System Administrators

User Interface

Java Swing

Programming Language

Java

Related Categories

Java Security Software

Registered

2006-10-25
Report inappropriate content