Boofuzz – Network Protocol Fuzzing for Humans

AVvXsEhHs Mr5 2Nmke0L3y0 cRwzCZcjGbSISpohXIethFOau4 iP3wGOULB UH0wPY12Ru1lGTaBci F1ac6AEt29ei9FH6ygI1EbE9sNb2kM7 ypOukycB7TUjXg3f FMw9zA4ksXRrRJEXXNAuEepcidgqYobu1uEzFyIOI89NRj ETM5kZqhmE2hmS7mA=w538 h640

Boofuzz is a fork of and the successor to the venerable Sulley fuzzing framework. Besides numerous bug fixes, boofuzz aims for extensibility. The goal: fuzz everything.


Sulley has been the preeminent open source fuzzer for some time, but has fallen out of maintenance.


Like Sulley, boofuzz incorporates all the critical elements of a fuzzer:

  • Easy and quick data generation.
  • Instrumentation – AKA failure detection.
  • Target reset after failure.
  • Recording of test data.

Unlike Sulley, boofuzz also features:

  • Online documentation.
  • Support for arbitrary communications mediums.
  • Built-in support for serial fuzzing, ethernet- and IP-layer, UDP broadcast.
  • Better recording of test data — consistent, thorough, clear.
  • Test result CSV export.
  • Extensible instrumentation/failure detection.
  • Much easier install experience!
  • Far fewer bugs.

Sulley is affectionately named after the giant teal and purple creature from Monsters Inc. due to his fuzziness. Boofuzz is likewise named after the only creature known to have scared Sulley himself: Boo!

AVvXsEiELu QNyBcbrIqahNBSQjZguGEvXICb4NQwJKWqZo NCwxgKvbskSPgPMs3JKciUlGGm02EHsf0BGbbqBSdvh203Fgp0 N3JNrqmS4kW4xiwNavI5hVm5HvW99dm gMayCyqMKJ69a2dQnI3wv6CILkNTJwu1V WSMD8NvFMqhnVcWswLOArlKly8R3w=s320

Boo from Monsters Inc


pip install boofuzz

Boofuzz installs as a Python library used to build fuzzer scripts. See INSTALL.rst for advanced and detailed instructions.


Documentation is available at, including nifty quickstart guides.


Pull requests are welcome, as boofuzz is actively maintained (at the time of this writing ;)). See CONTRIBUTING.rst.


For questions that take the form of “How do I… with boofuzz?” or “I got this error with boofuzz, why?”, consider posting your question on Stack Overflow. Make sure to use the fuzzing tag.

If you’ve found a bug, or have an idea/suggestion/request, file an issue here on GitHub.

For other questions, check out boofuzz on gitter or Google Groups.

For updates, follow @b00fuzz on Twitter.

click here to read full Article

Read More on Pentesting Tools

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *