FSecurity


Fuzz

Namespace: FSecurity

Module that holds the available fuzzing collections.

Functions and values

Function or valueDescription
alphabet
Signature: seq<string>
Attributes:
[<CompiledName("Alphabet")>]

Gets the alhpabethical charaters of a-z and A-Z.

CompiledName: Alphabet

alphanum
Signature: seq<string>
Attributes:
[<CompiledName("Alphanum")>]

Gets the alphanumerical series of a-z, A-Z, and 0-9.

CompiledName: Alphanum

alphanum_special
Signature: seq<string>
Attributes:
[<CompiledName("AlphanumSpecial")>]

Gets the alphanumerical series of a-b, A-Z, 0-9, and all special charaters.

CompiledName: AlphanumSpecial

case(str)
Signature: str:string -> string []
Attributes:
[<CompiledName("Case")>]

Fuzz the case of a given string. (ex. '.php' becomes '.PhP').

CompiledName: Case

contentType
Signature: seq<string>
Attributes:
[<CompiledName("ContentType")>]

Gets a series of content-type values.

CompiledName: ContentType

dirTraversal(fileName)
Signature: fileName:string -> seq<string>
Attributes:
[<CompiledName("DirTraversal")>]

Gets a directory traversal path for a given file name. (ex. 'file.txt' becomes '../../file.txt') 847 attack vectors, 8 levels of recursion (Unix-like, Windows)

CompiledName: DirTraversal

encoding(str)
Signature: str:string -> string []
Attributes:
[<CompiledName("Encoding")>]

Fuzz the encoding of a given string considering the default UTF-8 as current encoding.

CompiledName: Encoding

encodingFrom current str
Signature: current:Encoding -> str:string -> string []
Attributes:
[<CompiledName("Encoding")>]

Fuzz the encoding of the given string and its current encoding.

CompiledName: Encoding

httpLeakageHeaders
Signature: string []
Attributes:
[<CompiledName("HttpLeakageHeaders")>]

Gets HTTP headers that expose information that can be used for fingerprinting.

CompiledName: HttpLeakageHeaders

httpMethods
Signature: HttpMethod []
Attributes:
[<CompiledName("HttpMethods")>]

Gets all HTTP methods.

CompiledName: HttpMethods

httpProtectHeaders
Signature: string list
Attributes:
[<CompiledName("HttpProtectHeaders")>]

Gets HTTP headers that protect against some browser injection security issues.

CompiledName: HttpProtectHeaders

johnTheRipper
Signature: seq<string>
Attributes:
[<CompiledName("JohnTheRipper")>]

John the Ripper dictionary collection.

CompiledName: JohnTheRipper

json
Signature: seq<string>
Attributes:
[<CompiledName("Json")>]

JSON fuzzed values with malicious input.

CompiledName: Json

naughty
Signature: seq<string>
Attributes:
[<CompiledName("Naughty")>]

Big list of naughty strings containing reserved strings, strings representing a numeric value, unicode/superscript, unicode font, zaglo text, right-to left strings, emoji, ...

CompiledName: Naughty

numbers min max
Signature: min:int -> max:int -> seq<string>
Attributes:
[<CompiledName("Numbers")>]

Gets the all the numbers from a minimum to a maximum value inclusive.

CompiledName: Numbers

sized value metric values
Signature: value:int -> metric:Metric -> values:seq<string> -> string
Attributes:
[<CompiledName("Sized")>]

Fuzz by making a sized fuzzed input value from a list of possible fuzzed values. Ex. Fuzz.sized 3 Metric.MB Fuzz.alphabet

CompiledName: Sized

specials
Signature: seq<string>
Attributes:
[<CompiledName("Specials")>]

Gets a series of special charaters (ex. '!', '%', ...)

CompiledName: Specials

sql
Signature: seq<string>
Attributes:
[<CompiledName("Sql")>]

Gets a wide sample of malicious input for SQL targets

CompiledName: Sql

unix
Signature: seq<string>
Attributes:
[<CompiledName("Unix")>]

Gets a wide sample of malicious input for unix-like targets

CompiledName: Unix

windows
Signature: seq<string>
Attributes:
[<CompiledName("Windows")>]

Gets a wide sample of malicious input for windows targets

CompiledName: Windows

xmlDoc
Signature: seq<string>
Attributes:
[<CompiledName("XmlDocument")>]

Gets a series of fuzzed XML documents with malicious input.

CompiledName: XmlDocument

xmlElemAttr
Signature: seq<string>
Attributes:
[<CompiledName("XmlElemenAttribute")>]

Gets a series of fuzzed XML element and attribute malicious input values.

CompiledName: XmlElemenAttribute

xmlXxe
Signature: seq<string>
Attributes:
[<CompiledName("XmlXxe")>]

External entity processing XML documents with malicious input.

CompiledName: XmlXxe

xss
Signature: seq<string>
Attributes:
[<CompiledName("Xss")>]

Gets a series of XSS injection payloads.

CompiledName: Xss

Fork me on GitHub