ToothPickerSecure Mobile Networking Lab
|
||||||
Related Products
|
||||||
About
FuzzDB was created to increase the likelihood of finding application security vulnerabilities through dynamic application security testing. It's the first and most comprehensive open dictionary of fault injection patterns, predictable resource locations, and regex for matching server responses. FuzzDB contains comprehensive lists of attack payload primitives for fault injection testing. These patterns, categorized by the attack and where appropriate platform type, are known to cause issues like OS command injection, directory listings, directory traversals, source exposure, file upload bypass, authentication bypass, XSS, HTTP header crlf injections, SQL injection, NoSQL injection, and more. For example, FuzzDB catalogs 56 patterns that can potentially be interpreted as a null byte and contains lists of commonly used methods and name-value pairs that trigger debug modes.
|
About
ToothPicker is an in-process, coverage-guided fuzzer for iOS. It was developed to specifically target iOS's Bluetooth daemon and to analyze various Bluetooth protocols on iOS. As it is built using FRIDA, it can be adapted to target any platform that runs FRIDA. This repository also includes an over-the-air fuzzer with an exemplary implementation to fuzz Apple's MagicPairing protocol using InternalBlue. Additionally, it contains the ReplayCrashFile script that can be used to verify crashes the in-process fuzzer has found. This is a very simple fuzzer that only flips bits and bytes of inactive connections. No coverage, no injection, but nice as a demo and stateful. Runs just with Python and Frida, no modules or installation are required. ToothPicker is built on the codebase of frizzer. It is recommended to set up a virtual Python environment for frizzer. Starting from the iPhone XR/Xs, PAC has been introduced.
|
|||||
Platforms Supported
Windows
Mac
Linux
Cloud
On-Premises
iPhone
iPad
Android
Chromebook
|
Platforms Supported
Windows
Mac
Linux
Cloud
On-Premises
iPhone
iPad
Android
Chromebook
|
|||||
Audience
Anyone requiring a security scanner solution to test their application protocols
|
Audience
Professional users interested in a fuzzing solution to test their iOS applications
|
|||||
Support
Phone Support
24/7 Live Support
Online
|
Support
Phone Support
24/7 Live Support
Online
|
|||||
API
Offers API
|
API
Offers API
|
|||||
Screenshots and Videos |
Screenshots and Videos |
|||||
Pricing
Free
Free Version
Free Trial
|
Pricing
Free
Free Version
Free Trial
|
|||||
Reviews/
|
Reviews/
|
|||||
Training
Documentation
Webinars
Live Online
In Person
|
Training
Documentation
Webinars
Live Online
In Person
|
|||||
Company InformationFuzzDB
github.com/fuzzdb-project/fuzzdb
|
Company InformationSecure Mobile Networking Lab
github.com/seemoo-lab/toothpicker
|
|||||
Alternatives |
Alternatives |
|||||
|
|
|||||
|
|
|||||
|
|
|||||
|
||||||
Categories |
Categories |
|||||
|
|