Web fuzzers all suck. Every last one of them. The easy part about fuzzing a web site is sending the data, the HARD part is interpreting the results. Every single web fuzzer I use has something I don't like about it. So instead of having 20 different web fuzzers sitting on my system, I took two days and wrote my own. It too SUCKS. But at least if it doesn't meet my needs I can easily modify it to do what I want without having to learn someone elses code.

txsWebFuzz is written in perl, so it's easy to modify. It is a basic web fuzzer that has a .txt file of fuzzstrings in a easy format for addition/modification. The fuzz.pl script takes a handfull of command line arguments and fuzzes both GET and POST requests. It can fuzz the URL or the POST content depending on need. After the fuzzing is complete, the script process.pl takes the returned web pages and creates a single web page with image snapshots of each returned page. This allows a quick and easy way to view the fuzz results in chunks. I also put some interesting zoomy script in there for "coolness" factor.

If you like my script, great, let me know... If you think it sucks.. great.. don't bother to let me know.. and if you can't figure out how it works? WRITE YOUR OWN! (or email me a question, I'll probably answer).

You can find the latest version on my Projects Page