JBroFuzz

The OWASP JBroFuzz Project is a web application fuzzer for requests being made over HTTP and/or HTTPS. Its purpose is to provide a single, portable application that offers stable web protocol fuzzing capabilities.

Features

Commandline support - main class analyzing and executing the commandline options
Added --no-execute option to command line support
Added "Connection: close" preference option to be added to the headers automatically
Massive UI revamp for Fuzzing Tab: Contains 3 Sub-Tabs: Input, Output, On the wire
Introduction of Fuzzing Transforms for those double-URL, triple-Base64 encodings
Added HTTP proxy support & authentication for checking updates
EncoderHashWindow improvements in keeping history within different row selections
Fixed ZBase32 Encoding/Decoding to work as Phil wants it to
Prefix/Suffix in Fuzzer Transforms: http://www.owasp.org/index.php/OWASP_JBroFuzz_Tutorial#Added_Fuzzer_Transformations
Added a plain-text encoder, similar to Zero-Fuzzer for theoretical completeness
Fixed a bunch of supposed "security holes" reported by static analyzers
Small Oracle payloads update

Project Samples

Sending single requests to a list of different web servers

A pie chart of the status codes obtained while fuzzing

Project Activity

See All Activity >

License

GNU General Public License version 2.0 (GPLv2)

Follow JBroFuzz

JBroFuzz Web Site

Other Useful Business Software

Compliant and Reliable File Transfers Backed by Top Security Certifications

Cerberus FTP Server delivers SOC 2 Type II certified security and FIPS 140-2 validated encryption.

Stop relying on non-certified, legacy file transfer tools that creak under the weight of modern security demands. Get full audit trails, advanced access controls and more supported by an award-winning team of experts. Start your free 25-day trial today.

Start Free Trial

Rate This Project

User Ratings

5.0 out of 5 stars

★★★★★

★★★★

★★★

★★

★

ease 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

features 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

design 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

support 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

User Reviews

Filter Reviews:

All

yns000 Posted 2009-12-23

The best way of communicating a web vulnerability with .jbrofuzz files

Additional Project Details

Operating Systems

BSD, Linux, Windows

Intended Audience

Advanced End Users, Information Technology, System Administrators

User Interface

Java Swing

Programming Language

Java

Related Categories

Java Security Software

Registered

2006-10-25

Similar Business Software

Files.com

Files.com is a cloud-native Managed File Transfer (MFT) platform that unifies file transfers, sharing, and automation across any cloud, protocol, or partner. It connects 50+ storage systems — including Amazon S3, Azure, Google Drive, SharePoint, Dropbox, and Box — presenting them as a single...

See Software
Control D

Control D is a customizable DNS filtering and traffic redirection platform that leverages Secure DNS protocols like DNS-over-HTTPS, DNS-over-TLS and DNS-over-QUIC, with support for Legacy DNS. - Block malicious threats - Block unwanted types of content network wide (ads & trackers, IoT...

See Software
UTunnel VPN and ZTNA

UTunnel provides Cloud VPN, ZTNA, and Mesh Networking solutions for secure remote access and seamless network connectivity. ACCESS GATEWAY: Our Cloud VPN as a Service offers swift deployment of Cloud or On-Premise VPN servers. It utilizes OpenVPN and IPSec protocols, enables policy-based...

See Software
Diplomat Managed File Transfer

Diplomat MFT by Coviant Software is a secure, reliable managed file transfer solution designed to simplify and automate SFTP, FTPS, and HTTPS file transfers. Built for seamless integration, Diplomat MFT works across major cloud storage platforms, including AWS S3, Azure Blob, Google Cloud,...

See Software
ManageEngine Endpoint Central

ManageEngine Endpoint Central is built to secure the digital workplace while also giving IT teams complete control over their enterprise endpoints. It delivers a security-first approach by combining advanced endpoint protection with comprehensive management, allowing IT teams to manage the...

See Software
Auth0

Auth0 takes a modern approach to Identity, providing secure access to any application, for any user. Safeguarding billions of login transactions each month, Auth0 delivers convenience, privacy, and security so customers can focus on innovation. Auth0 is part of Okta, The World’s Identity...

See Software