tmin is a quick and simple tool to minimize the size and syntax of complex test cases in automated security testing. It is meant specifically for dealing with unknown or complex data formats (without the need to tokenize and re-serialize testcases), and for easy integration with UI testing harnesses.
Bunny the Fuzzer is a closed loop, high-performance, general purpose protocol-blind fuzzer for C programs. It uses compiler-level integration to seamlessly inject precise and reliable instrumentation hooks into the traced program. These hooks enable the fuzzer to receive real-time feedback on changes to the function call path, call parameters, and return values in response to variations in input data.
zzuf is a transparent application input fuzzer. Its purpose is to find bugs in applications by corrupting their user-contributed data, which frequently comes from untrusted sources on the Internet. It works by intercepting file and network operations and changing random bits in the program's input. zzuf's behavior is deterministic, making it easier to reproduce bugs.
RFDUMP is a GUI to edit the "User Data Fields" on RFID tags and to test if a tag is protected against reading or writing. It implements a real life cookie on RFID tags. The tags that are supported for reading, writing, and editing are ISO 15693, ISO 14443 A, ISO 14443 B, SR176(1,2), Tag-it®, and I-Code®.
Burp suite allows an attacker to combine manual and automated techniques to enumerate, analyse, attack, and exploit Web applications. The various burp tools work together effectively to share information and allow findings identified within one tool to form the basis of an attack using another. Numerous interfaces are implemented between the different tools, designed to facilitate and speed up the process of attacking a Web application. All tools share the same robust framework for handling HTTP requests, authentication, downstream proxies, logging, alerting, and extensibility. Burp suite is extensible via the IBurpExtender interface.
NTMF is a C++ framework for developing software that requires the manipulation of packets traversing a system. The main application areas are protocol testing, protocol implementation testing, network emulation, and network monitoring. It has support for link level packet capturing (using libpcap), link level packet injection, and network level packet injection for IPv4 packets (using lipnet). It supports multi-threaded execution, provides thread-safe packet queues, and provides a dynamic Finite State Machine representation.
TRIPP is a utility to rewrite incoming and outgoing IP packets. Since it can rewrite both headers and payload, it can be used to configure the TCP/IP stack behavior in order to perform various tasks mainly intended for network tests, simulations, and development. It is configured via a small rule-based language, which allows the user to intercept packets, set arbitrary header values, increment or decrement numeric header fields, set an arbitrary payload, rewrite parts of the payload, or fragment, delay, multiply, or drop packets. It is totally user-level and doesn't require a kernel module.