Bunny the Fuzzer is a closed loop, high-performance, general purpose protocol-blind fuzzer for C programs. It uses compiler-level integration to seamlessly inject precise and reliable instrumentation hooks into the traced program. These hooks enable the fuzzer to receive real-time feedback on changes to the function call path, call parameters, and return values in response to variations in input data.
Citrus is a test framework written in Java that enables automated integration testing of message-based enterprise SOA applications. The tool can easily simulate surrounding systems across various transports and protocols (e.g. JMS, SOAP WebServices, HTTP, TCP/IP, etc.) in order to perform end-to-end use case testing. Citrus provides strong validation mechanisms for XML message contents and allows you to build complex testing logic such as sending and receiving messages, database validation, automatic retries, variable definitions, dynamic message contents, error simulation, and many more.
IPv6 CARE, "IPv6 Compliant Automatic Runtime Environment", provides an environment where applications instantly become IPv6-compliant ('patch' mode, see RFC6535). It can also generate a diagnosis about the IPv6 compliance of an application ('check' mode). It uses an LD_PRELOAD-based library injection technique.
OWASP Zed Attack Proxy (ZAP) is an easy-to-use integrated penetration testing tool for finding vulnerabilities in Web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen tester's toolbox. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.
PyMuTester is tool to facilitate Mutant Testing (a.k.a Mutant Analysis or Program Mutation) on software systems written in Python. Its main purpose is to assist you in improving your existing unit tests to cover missing checks and “loopholes” in your testing. It works by making small changes (technically known as mutants) to your Python application’s source code and re-running your unit tests over these mutated applications' source code. Since the mutants usually go against the specifications, your unit tests should fail in such tests. If the unit tests still pass, then that is an indication that your unit tests might have missed some checks.
tmin is a quick and simple tool to minimize the size and syntax of complex test cases in automated security testing. It is meant specifically for dealing with unknown or complex data formats (without the need to tokenize and re-serialize testcases), and for easy integration with UI testing harnesses.