Go Fuzz Yourself! Where do I even begin?!

For those who are unfamiliar with the term or practice of Fuzz Testing, it’s essentially the combination of testing input validation coupled with stress testing, which is performed by spraying inputs of a target device, application, or system with random and crafted input at high velocity and observing the effects on the target. Use cases can involve testing input forms on a website to ensure it doesn’t accept foreign or script characters or ensuring that IIoT devices are programmed to be functionally robust.

I’ve performed fuzz testing for many web & mobile applications, and even industrial networks and devices. There are common denominators amongst fuzz tests of different technology or hardware stacks that map to higher level processes that translate well across the board and can be universally applied. Many fuzzing frameworks claim to be unified, but are only such when employed in their respective technology silo(s). As someone who works simultaneously in very low and high levels of varying engagements, I tend never to work, research, or experiment in a vacuum. And so the thought of having to find and apply fuzzing frameworks a la carte aggravates the living shit out of me, as It’s an inefficient and misapplied expenditure of effort (i.e. a waste of time).

I wanted to provide something of value that others who need to perform fuzz testing of anything can use from front-to-end, and even build off + flesh out as seen fit by those planning and/or testing. I just wanted to make your life easier. Enjoy!!