JBroFuzz is a web application protocol fuzzer that emerged from the needs of penetration testing.

Written in Java, it allows for the identification of certain classess of security vulnerabilities, by means of creating malformed data and having the server/service in question consume the data.

The purpose of JBroFuzz is to provide a single, portable application that offers stable HTTP/x.x protocol fuzzing capabilities. Further to this, JBroFuzz groups together a number of popular payloads into corresponding categories, thus forming a reference for the vulnerabilities it attempts to identify.

If you can't fuzz with this version of JBroFuzz, you probably don't want to fuzz!!

Ultimately the above goal does help raise awareness around the subject of fuzzing and how that can be used to assist and benchmark in the security of applications using such protocols.

What's New in This Release: [ read full changelog ]

· Overall, version 1.4 addresses cross platform graphical user interface issues on linux and windows, with focus on shortening the number of clicks a user has to perform in order to fuzz.