‘Browser Fuzzer’

Summary

Credit:

The information has been provided by Krakow Labs.
The original article can be found at: http://www.krakowlabs.com/dev/fuz/bf2/bf2_doc.txt
To keep updated with the tool visit the project’s homepage at: http://www.krakowlabs.com/dev/fuz/bf2/bf2.pl.txt


Details

Browser Fuzzer 2 (bf2) is a comprehensive web browser fuzzer that fuzzes CSS, DOM, HTML and JavaScript.

How does it work?
BF2 takes command-line options that define the output of the fuzzing web pages and which phase the user would
like to fuzz. BF2 then generates the pages via custom functions that combine the required format, the tag or function
being fuzzed, and data from the fuzzing oracle so that the web browser can interpret the content. One by one, BF2 outputs
each unique fuzzing page. To keep the process automated, refresh code is also embedded in each fuzzing page so that the
browser jumps from one page to the next after it processes each page's content.

Example Fuzzing Web Page (html40.html):
<html>
<head><meta http-equiv='refresh' content='1; url=html41.html'></head>
<body alink='%.2049d'>
</html>
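
The generation loop described above, sketched in Python as an added example; it is not BF2's own code, and the target list, oracle values and function names are assumptions constructed for illustration. It also walks the refresh chain to confirm every page is reachable, since a broken link would silently end an automated run.

```python
import re
from itertools import product

# Constructed sample inputs: BF2's real tag list and oracle are not shown on the page.
TARGETS = [("body", "alink"), ("body", "bgcolor"), ("table", "width")]
ORACLE = ["%.2049d", "A" * 64, "-1"]  # values must not contain a single quote

PAGE = "<html>\n<head>{refresh}</head>\n<{tag} {attr}='{value}'>\n</html>\n"
REFRESH = re.compile(r"http-equiv='refresh' content='\d+; url=([^']+)'")


def generate_pages(targets, oracle, prefix="html", start=0, delay=1):
    """Build one page per (tag, attribute, oracle value); each refreshes to the next."""
    cases = list(product(targets, oracle))
    pages = {}
    for offset, ((tag, attr), value) in enumerate(cases):
        name = f"{prefix}{start + offset}.html"
        refresh = ""  # the last page has no successor, so the run stops there
        if offset < len(cases) - 1:
            nxt = f"{prefix}{start + offset + 1}.html"
            refresh = f"<meta http-equiv='refresh' content='{delay}; url={nxt}'>"
        pages[name] = PAGE.format(refresh=refresh, tag=tag, attr=attr, value=value)
    return pages


def walk_chain(pages, first):
    """Follow refresh targets from `first`; fail on a loop or a missing page."""
    order, current = [], first
    while current is not None:
        if current in order:
            raise ValueError(f"refresh loop at {current}")
        if current not in pages:
            raise ValueError(f"refresh points at missing page {current}")
        order.append(current)
        match = REFRESH.search(pages[current])
        current = match.group(1) if match else None
    return order


if __name__ == "__main__":
    pages = generate_pages(TARGETS, ORACLE, start=40)
    chain = walk_chain(pages, "html40.html")
    assert len(chain) == len(pages), "some pages are unreachable"
    print(pages["html40.html"])
```

With `start=40`, the first generated page reproduces the html40.html example shown above.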
