{"id":29653,"date":"2025-01-20T06:39:31","date_gmt":"2025-01-20T06:39:31","guid":{"rendered":"https:\/\/kalilinuxtutorials.com\/?p=29653"},"modified":"2025-01-20T06:39:33","modified_gmt":"2025-01-20T06:39:33","slug":"firefly","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/firefly\/","title":{"rendered":"Firefly &#8211; Black Box Fuzzer For Web Applications"},"content":{"rendered":"\n<p>Firefly is an advanced black-box fuzzer and not just a standard asset discovery tool. Firefly provides the advantage of testing a target with a large number of built-in checks to detect behaviors in the target.<\/p>\n\n\n\n<p><strong>NOTE <\/strong>: <em>Firefly is in a very new stage (v1.0) but works well for now, if the target does not contain too much dynamic content. Firefly still detects and filters dynamic changes, but not yet perfectl<\/em>y<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-style:normal;font-weight:600\">Advantages<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Heavy use of gorutines and internal hardware for great preformance<\/li>\n\n\n\n<li>Built-in engine that handles each task for &#8220;x&#8221; response results inductively<\/li>\n\n\n\n<li>Highly customized to handle more complex fuzzing<\/li>\n\n\n\n<li>Filter options and request verification to avoid junk results<\/li>\n\n\n\n<li>Friendly error and debug output<\/li>\n\n\n\n<li>Build in payloads (default list are mixed with the wordlist from <a href=\"https:\/\/github.com\/danielmiessler\/SecLists\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">seclists<\/a>)<\/li>\n\n\n\n<li>Payload tampering and encoding functionality<a href=\"https:\/\/github.com\/Brum3ns\/firefly#features\"><\/a><\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-style:normal;font-weight:600\"><strong>Features<\/strong><\/h2>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjTHC61vuCkcVrMYCN_kT2vNBsn-a1ieYOgL0qmORubNQWGDIKSvBHhZQQrfyTBsgytgV3vxuiYd3g7c0IVSmj_vMHtcwvTbpaB2RdQzRntbVXy1tELIlZzL2a5CT4rzoK9G8FxzL8bbK8L6hWF1oTKL22Dr8xwKPwzE5pDQcT05Rucyo13voM-iy1Buoo\/s16000\/fireflyOptions.png\" alt=\"\" style=\"width:1067px;height:1747px\"\/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-style:normal;font-weight:600\">Installation<\/h2>\n\n\n\n<pre class=\"wp-block-code has-background\" style=\"background-color:#f6f6f6\"><code><strong>go install -v github.com\/Brum3ns\/firefly\/cmd\/firefly@latest<\/strong>\n<\/code><\/pre>\n\n\n\n<p>If the above install method do not work try the following:<\/p>\n\n\n\n<pre class=\"wp-block-code has-background\" style=\"background-color:#f6f6f6\"><code><strong>git clone https:\/\/github.com\/Brum3ns\/firefly.git\ncd firefly\/\ngo build cmd\/firefly\/firefly.go\n.\/firefly -h<\/strong>\n<\/code><\/pre>\n\n\n\n<h1 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/Brum3ns\/firefly#usage\"><\/a><\/h1>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-style:normal;font-weight:600\">Usage<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/Brum3ns\/firefly#simple\"><\/a><\/h3>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Simple<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code has-background\" style=\"background-color:#f6f6f6\"><code><strong>firefly -h<\/strong>\n<strong>firefly -u 'http:\/\/example.com\/?query=FUZZ'<\/strong><\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/Brum3ns\/firefly#advanced-usage\"><\/a><\/h2>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-style:normal;font-weight:600\">Advanced usage<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/Brum3ns\/firefly#request\"><\/a><\/h3>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Request<\/strong><\/h3>\n\n\n\n<p>Different types of request input that can be used<\/p>\n\n\n\n<p>Basic <\/p>\n\n\n\n<p class=\"has-background\" style=\"background-color:#f6f6f6\"><strong>firefly -u &#8216;http:\/\/example.com\/?query=FUZZ&#8217; &#8211;timeout 7000<\/strong><\/p>\n\n\n\n<p>Request with different methods and protocols <\/p>\n\n\n\n<p class=\"has-background\" style=\"background-color:#f6f6f6\"><strong>firefly -u &#8216;http:\/\/example.com\/?query=FUZZ&#8217; -m GET,POST,PUT -p https,http,ws<\/strong><\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/Brum3ns\/firefly#pipeline\"><\/a><\/h4>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Pipeline<\/strong><\/h3>\n\n\n\n<p class=\"has-background\" style=\"background-color:#f6f6f6\"><strong>echo &#8216;http:\/\/example.com\/?query=FUZZ&#8217; | firefly<\/strong><\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/Brum3ns\/firefly#http-raw\"><\/a><\/h4>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>HTTP Raw<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code has-background\" style=\"background-color:#f6f6f6\"><code><strong>firefly -r '\nGET \/?query=FUZZ HTTP\/1.1\nHost: example.com\nUser-Agent: FireFly'<\/strong><\/code><\/pre>\n\n\n\n<p>This will send the HTTP Raw and auto detect all GET and\/or POST parameters to fuzz. <\/p>\n\n\n\n<pre class=\"wp-block-code has-background\" style=\"background-color:#f6f6f6\"><code><strong>firefly -r '\nPOST \/?A=1 HTTP\/1.1\nHost: example.com\nUser-Agent: Firefly\nX-Host: FUZZ\n\nB=2&amp;C=3' -au replace<\/strong><\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/Brum3ns\/firefly#request-verifier\"><\/a><\/h3>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Request Verifier<\/strong><\/h3>\n\n\n\n<p>Request verifier is the most important part. This feature let Firefly know the core behavior of the target your fuzz. It&#8217;s important to do quality over quantity. More verfiy requests will lead to better quality at the cost of internal hardware preformance (<em>depending on your hardware<\/em>)<\/p>\n\n\n\n<pre class=\"wp-block-code has-background\" style=\"background-color:#f6f6f6\"><code><strong> firefly -u 'http:\/\/example.com\/?query=FUZZ' -e<\/strong><\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/Brum3ns\/firefly#payloads\"><\/a><\/h3>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Payloads<\/strong><\/h3>\n\n\n\n<p>Payload can be highly customized and with a good core wordlist it&#8217;s possible to be able to fully adapt the payload wordlist within Firefly itself.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/Brum3ns\/firefly#payload-debug\"><\/a><\/h4>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Payload debug<\/strong><\/h3>\n\n\n\n<p><em>Display the format of all payloads and exit<\/em><\/p>\n\n\n\n<p class=\"has-background\" style=\"background-color:#f6f6f6\"><strong>firefly -show-payload<\/strong><\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/Brum3ns\/firefly#tampers\"><\/a><\/h4>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Tampers<\/strong><\/h3>\n\n\n\n<p><em>List of all Tampers avalible<\/em><\/p>\n\n\n\n<p class=\"has-background\" style=\"background-color:#f6f6f6\"><strong>firefly -list-tamper<\/strong><\/p>\n\n\n\n<p>Tamper all paylodas with given type (<em>More than one can be used separated by comma<\/em>)<\/p>\n\n\n\n<p class=\"has-background\" style=\"background-color:#f6f6f6\"><strong>firefly -u &#8216;http:\/\/example.com\/?query=FUZZ&#8217; -e s2c<\/strong><\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/Brum3ns\/firefly#encode\"><\/a><\/h4>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Encode<\/strong><\/h3>\n\n\n\n<p class=\"has-background\" style=\"background-color:#f6f6f6\"><strong>firefly -u &#8216;http:\/\/example.com\/?query=FUZZ&#8217; -e hex<\/strong><\/p>\n\n\n\n<p>Hex then URL encode all payloads <\/p>\n\n\n\n<p class=\"has-background\" style=\"background-color:#f6f6f6\">f<strong>irefly -u &#8216;http:\/\/example.com\/?query=FUZZ&#8217; -e hex,url<\/strong><\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/Brum3ns\/firefly#payload-regex-replace\"><\/a><\/h4>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Payload regex replace<\/strong><\/h3>\n\n\n\n<p class=\"has-background\" style=\"background-color:#f6f6f6\"><strong>firefly -u &#8216;http:\/\/example.com\/?query=FUZZ&#8217; -pr &#8216;\\([0-9]+=[0-9]+\\) =&gt; (13=(37-24))&#8217;<\/strong><\/p>\n\n\n\n<p><em>The Payloads: <code>' or (1=1)-- -<\/code> and <code>\" or(20=20)or \"<\/code> Will result in: <code>' or (13=(37-24))-- -<\/code> and <code>\" or(13=(37-24))or \"<\/code> Where the <code>=&gt;<\/code> (with spaces) inducate the &#8220;replace to&#8221;.<\/em><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/Brum3ns\/firefly#filters\"><\/a><\/h3>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Filters<\/strong><\/h3>\n\n\n\n<p><em>Filter options to filter\/match requests that include a given rule.<\/em><\/p>\n\n\n\n<p>Filter response to <strong>ignore<\/strong> (filter) <code>status code 302<\/code> and <code>line count 0<\/code> <\/p>\n\n\n\n<p class=\"has-background\" style=\"background-color:#f6f6f6\"><strong>firefly -u &#8216;http:\/\/example.com\/?query=FUZZ&#8217; -fc 302 -fl 0<\/strong><\/p>\n\n\n\n<p>Filter responses to <strong>include<\/strong> (match) <code>regex<\/code>, and <code>status code 200<\/code><\/p>\n\n\n\n<p class=\"has-background\" style=\"background-color:#f6f6f6\"><strong>firefly -u &#8216;http:\/\/example.com\/?query=FUZZ&#8217; -mr &#8216;[Ee]rror (at|on) line \\d&#8217; -mc 200<\/strong><\/p>\n\n\n\n<p class=\"has-background\" style=\"background-color:#f6f6f6\"><strong>firefly -u &#8216;http:\/\/example.com\/?query=FUZZ&#8217; -mr &#8216;MySQL&#8217; -mc 200<\/strong><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/Brum3ns\/firefly#preformance\"><\/a><\/h3>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Preformance<\/strong><\/h3>\n\n\n\n<p><em>Preformance and time delays to use for the request process<\/em><\/p>\n\n\n\n<p>Threads \/ Concurrency <\/p>\n\n\n\n<p class=\"has-background\" style=\"background-color:#f6f6f6\"><strong>firefly -u &#8216;http:\/\/example.com\/?query=FUZZ&#8217; -t 35<\/strong><\/p>\n\n\n\n<p>Time Delay in millisecounds (ms) for each Concurrency<\/p>\n\n\n\n<p class=\"has-background\" style=\"background-color:#f6f6f6\"> <strong>FireFly -u &#8216;http:\/\/example.com\/?query=FUZZ&#8217; -t 35 -dl 2000<\/strong><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/Brum3ns\/firefly#wordlists\"><\/a><\/h3>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Wordlists<\/strong><\/h3>\n\n\n\n<p><em>Wordlist that contains the paylaods can be added separatly or extracted from a given folder<\/em><\/p>\n\n\n\n<p>Single Wordlist with its attack type <\/p>\n\n\n\n<p class=\"has-background\" style=\"background-color:#f6f6f6\"><strong>firefly -u &#8216;http:\/\/example.com\/?query=FUZZ&#8217; -w wordlist.txt:fuzz<\/strong><\/p>\n\n\n\n<p>Extract all wordlists inside a folder. Attack type is depended on the suffix <code>&lt;type&gt;_wordlist.txt<\/code> <\/p>\n\n\n\n<p class=\"has-background\" style=\"background-color:#f6f6f6\"><strong>firefly -u &#8216;http:\/\/example.com\/?query=FUZZ&#8217; -w wl\/<\/strong><\/p>\n\n\n\n<p><strong>Example<\/strong><\/p>\n\n\n\n<p>Wordlists names inside folder <code>wl<\/code> :<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>fuzz_wordlist.txt<\/li>\n\n\n\n<li>time_wordlist.txt<\/li>\n<\/ol>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/Brum3ns\/firefly#output\"><\/a><\/h3>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Output<\/strong><\/h3>\n\n\n\n<p><em>JSON output is <strong>strongly recommended<\/strong>. This is because you can benefit from the <code>jq<\/code> tool to navigate throw the result and<\/em> compare it.<\/p>\n\n\n\n<p>(<em>If Firefly is pipeline chained with other tools, standard plaintext may be a better choice.<\/em>)<\/p>\n\n\n\n<p>Simple plaintext output format <\/p>\n\n\n\n<p class=\"has-background\" style=\"background-color:#f6f6f6\"><strong>firefly -u &#8216;http:\/\/example.com\/?query=FUZZ&#8217; -o file.txt<\/strong><\/p>\n\n\n\n<p>JSON output format (<em>recommended<\/em>) <\/p>\n\n\n\n<p class=\"has-background\" style=\"background-color:#f6f6f6\"><strong>firefly -u &#8216;http:\/\/example.com\/?query=FUZZ&#8217; -oJ file.json<\/strong><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-style:normal;font-weight:600\">Community<\/h2>\n\n\n\n<p>Everyone in the community are allowed to suggest new features, improvements and\/or add new payloads to Firefly just make a pull request or add a comment with your suggestions!<\/p>\n\n\n\n<div class=\"wp-block-buttons is-content-justification-center is-layout-flex wp-container-core-buttons-is-layout-16018d1d wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button\"><a class=\"wp-block-button__link wp-element-button\" href=\"https:\/\/github.com\/Brum3ns\/firefly\">Click Here To Download<\/a><\/div>\n<\/div>\n\n\n\n<p class=\"has-text-align-center has-background\" style=\"background-color:#f4f4f4\"><strong>Please consider&nbsp;<a href=\"https:\/\/www.linkedin.com\/company\/kali-linux-tutorials\/\" target=\"_blank\" rel=\"noreferrer noopener\">following and supporting<\/a>&nbsp;us to stay updated with the latest info<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Firefly is an advanced black-box fuzzer and not just a standard asset discovery tool. Firefly provides the advantage of testing a target with a large number of built-in checks to detect behaviors in the target. NOTE : Firefly is in a very new stage (v1.0) but works well for now, if the target does not [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":29669,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjHxVV0MlQvQ3gYIfSF-inzfFd9I0ziPkFUzIOUyZ2gt_MO1FrokCzn2j6BXehcqc-IIT2-uMcRnU_sALDR5m9L-z-v5LlWCRCkPe6TA0uoe9KMChn2NZTlCn4DNCVZGag-fvi7ip89S4YUGP9jeZx-EQsl9dNTb7D3i7AxQCVDyw8ToCMqI3YeHVNqsrE\/s16000\/firefly.png","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[28],"tags":[6122,6121],"class_list":["post-29653","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-kali","tag-black-box-fuzzer","tag-firefly"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Firefly - Black Box Fuzzer For Web Applications<\/title>\n<meta name=\"description\" content=\"Firefly is an advanced black-box fuzzer and not just a standard asset discovery tool. Firefly provides the advantage\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/firefly\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Firefly - Black Box Fuzzer For Web Applications\" \/>\n<meta property=\"og:description\" content=\"Firefly is an advanced black-box fuzzer and not just a standard asset discovery tool. Firefly provides the advantage\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/firefly\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2025-01-20T06:39:31+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-01-20T06:39:33+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjHxVV0MlQvQ3gYIfSF-inzfFd9I0ziPkFUzIOUyZ2gt_MO1FrokCzn2j6BXehcqc-IIT2-uMcRnU_sALDR5m9L-z-v5LlWCRCkPe6TA0uoe9KMChn2NZTlCn4DNCVZGag-fvi7ip89S4YUGP9jeZx-EQsl9dNTb7D3i7AxQCVDyw8ToCMqI3YeHVNqsrE\/s16000\/firefly.png\" \/>\n<meta name=\"author\" content=\"R K\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjHxVV0MlQvQ3gYIfSF-inzfFd9I0ziPkFUzIOUyZ2gt_MO1FrokCzn2j6BXehcqc-IIT2-uMcRnU_sALDR5m9L-z-v5LlWCRCkPe6TA0uoe9KMChn2NZTlCn4DNCVZGag-fvi7ip89S4YUGP9jeZx-EQsl9dNTb7D3i7AxQCVDyw8ToCMqI3YeHVNqsrE\/s16000\/firefly.png\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"R K\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/firefly\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/firefly\/\"},\"author\":{\"name\":\"R K\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\"},\"headline\":\"Firefly &#8211; Black Box Fuzzer For Web Applications\",\"datePublished\":\"2025-01-20T06:39:31+00:00\",\"dateModified\":\"2025-01-20T06:39:33+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/firefly\/\"},\"wordCount\":677,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/firefly\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjHxVV0MlQvQ3gYIfSF-inzfFd9I0ziPkFUzIOUyZ2gt_MO1FrokCzn2j6BXehcqc-IIT2-uMcRnU_sALDR5m9L-z-v5LlWCRCkPe6TA0uoe9KMChn2NZTlCn4DNCVZGag-fvi7ip89S4YUGP9jeZx-EQsl9dNTb7D3i7AxQCVDyw8ToCMqI3YeHVNqsrE\/s16000\/firefly.png\",\"keywords\":[\"Black Box Fuzzer\",\"Firefly\"],\"articleSection\":[\"Kali Linux\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/firefly\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/firefly\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/firefly\/\",\"name\":\"Firefly - Black Box Fuzzer For Web Applications\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/firefly\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/firefly\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjHxVV0MlQvQ3gYIfSF-inzfFd9I0ziPkFUzIOUyZ2gt_MO1FrokCzn2j6BXehcqc-IIT2-uMcRnU_sALDR5m9L-z-v5LlWCRCkPe6TA0uoe9KMChn2NZTlCn4DNCVZGag-fvi7ip89S4YUGP9jeZx-EQsl9dNTb7D3i7AxQCVDyw8ToCMqI3YeHVNqsrE\/s16000\/firefly.png\",\"datePublished\":\"2025-01-20T06:39:31+00:00\",\"dateModified\":\"2025-01-20T06:39:33+00:00\",\"description\":\"Firefly is an advanced black-box fuzzer and not just a standard asset discovery tool. Firefly provides the advantage\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/firefly\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/firefly\/#primaryimage\",\"url\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjHxVV0MlQvQ3gYIfSF-inzfFd9I0ziPkFUzIOUyZ2gt_MO1FrokCzn2j6BXehcqc-IIT2-uMcRnU_sALDR5m9L-z-v5LlWCRCkPe6TA0uoe9KMChn2NZTlCn4DNCVZGag-fvi7ip89S4YUGP9jeZx-EQsl9dNTb7D3i7AxQCVDyw8ToCMqI3YeHVNqsrE\/s16000\/firefly.png\",\"contentUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjHxVV0MlQvQ3gYIfSF-inzfFd9I0ziPkFUzIOUyZ2gt_MO1FrokCzn2j6BXehcqc-IIT2-uMcRnU_sALDR5m9L-z-v5LlWCRCkPe6TA0uoe9KMChn2NZTlCn4DNCVZGag-fvi7ip89S4YUGP9jeZx-EQsl9dNTb7D3i7AxQCVDyw8ToCMqI3YeHVNqsrE\/s16000\/firefly.png\",\"width\":\"728\",\"height\":\"380\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\",\"name\":\"R K\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"caption\":\"R K\"},\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Firefly - Black Box Fuzzer For Web Applications","description":"Firefly is an advanced black-box fuzzer and not just a standard asset discovery tool. Firefly provides the advantage","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/firefly\/","og_locale":"en_US","og_type":"article","og_title":"Firefly - Black Box Fuzzer For Web Applications","og_description":"Firefly is an advanced black-box fuzzer and not just a standard asset discovery tool. Firefly provides the advantage","og_url":"https:\/\/kalilinuxtutorials.com\/firefly\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2025-01-20T06:39:31+00:00","article_modified_time":"2025-01-20T06:39:33+00:00","og_image":[{"url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjHxVV0MlQvQ3gYIfSF-inzfFd9I0ziPkFUzIOUyZ2gt_MO1FrokCzn2j6BXehcqc-IIT2-uMcRnU_sALDR5m9L-z-v5LlWCRCkPe6TA0uoe9KMChn2NZTlCn4DNCVZGag-fvi7ip89S4YUGP9jeZx-EQsl9dNTb7D3i7AxQCVDyw8ToCMqI3YeHVNqsrE\/s16000\/firefly.png","type":"","width":"","height":""}],"author":"R K","twitter_card":"summary_large_image","twitter_image":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjHxVV0MlQvQ3gYIfSF-inzfFd9I0ziPkFUzIOUyZ2gt_MO1FrokCzn2j6BXehcqc-IIT2-uMcRnU_sALDR5m9L-z-v5LlWCRCkPe6TA0uoe9KMChn2NZTlCn4DNCVZGag-fvi7ip89S4YUGP9jeZx-EQsl9dNTb7D3i7AxQCVDyw8ToCMqI3YeHVNqsrE\/s16000\/firefly.png","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"R K","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/firefly\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/firefly\/"},"author":{"name":"R K","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad"},"headline":"Firefly &#8211; Black Box Fuzzer For Web Applications","datePublished":"2025-01-20T06:39:31+00:00","dateModified":"2025-01-20T06:39:33+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/firefly\/"},"wordCount":677,"commentCount":0,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/firefly\/#primaryimage"},"thumbnailUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjHxVV0MlQvQ3gYIfSF-inzfFd9I0ziPkFUzIOUyZ2gt_MO1FrokCzn2j6BXehcqc-IIT2-uMcRnU_sALDR5m9L-z-v5LlWCRCkPe6TA0uoe9KMChn2NZTlCn4DNCVZGag-fvi7ip89S4YUGP9jeZx-EQsl9dNTb7D3i7AxQCVDyw8ToCMqI3YeHVNqsrE\/s16000\/firefly.png","keywords":["Black Box Fuzzer","Firefly"],"articleSection":["Kali Linux"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/kalilinuxtutorials.com\/firefly\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/firefly\/","url":"https:\/\/kalilinuxtutorials.com\/firefly\/","name":"Firefly - Black Box Fuzzer For Web Applications","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/firefly\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/firefly\/#primaryimage"},"thumbnailUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjHxVV0MlQvQ3gYIfSF-inzfFd9I0ziPkFUzIOUyZ2gt_MO1FrokCzn2j6BXehcqc-IIT2-uMcRnU_sALDR5m9L-z-v5LlWCRCkPe6TA0uoe9KMChn2NZTlCn4DNCVZGag-fvi7ip89S4YUGP9jeZx-EQsl9dNTb7D3i7AxQCVDyw8ToCMqI3YeHVNqsrE\/s16000\/firefly.png","datePublished":"2025-01-20T06:39:31+00:00","dateModified":"2025-01-20T06:39:33+00:00","description":"Firefly is an advanced black-box fuzzer and not just a standard asset discovery tool. Firefly provides the advantage","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/firefly\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/firefly\/#primaryimage","url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjHxVV0MlQvQ3gYIfSF-inzfFd9I0ziPkFUzIOUyZ2gt_MO1FrokCzn2j6BXehcqc-IIT2-uMcRnU_sALDR5m9L-z-v5LlWCRCkPe6TA0uoe9KMChn2NZTlCn4DNCVZGag-fvi7ip89S4YUGP9jeZx-EQsl9dNTb7D3i7AxQCVDyw8ToCMqI3YeHVNqsrE\/s16000\/firefly.png","contentUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjHxVV0MlQvQ3gYIfSF-inzfFd9I0ziPkFUzIOUyZ2gt_MO1FrokCzn2j6BXehcqc-IIT2-uMcRnU_sALDR5m9L-z-v5LlWCRCkPe6TA0uoe9KMChn2NZTlCn4DNCVZGag-fvi7ip89S4YUGP9jeZx-EQsl9dNTb7D3i7AxQCVDyw8ToCMqI3YeHVNqsrE\/s16000\/firefly.png","width":"728","height":"380"},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad","name":"R K","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","caption":"R K"},"url":"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/"}]}},"jetpack_featured_media_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjHxVV0MlQvQ3gYIfSF-inzfFd9I0ziPkFUzIOUyZ2gt_MO1FrokCzn2j6BXehcqc-IIT2-uMcRnU_sALDR5m9L-z-v5LlWCRCkPe6TA0uoe9KMChn2NZTlCn4DNCVZGag-fvi7ip89S4YUGP9jeZx-EQsl9dNTb7D3i7AxQCVDyw8ToCMqI3YeHVNqsrE\/s16000\/firefly.png","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":34285,"url":"https:\/\/kalilinuxtutorials.com\/firefly-2\/","url_meta":{"origin":29653,"position":0},"title":"Firefly : Revolutionizing Security Testing With Advanced Black-Box Fuzzing","author":"Varshini","date":"August 5, 2024","format":false,"excerpt":"Firefly is an advanced black-box fuzzer and not just a standard asset discovery tool. Firefly provides the advantage of testing a target with a large number of built-in checks to detect behaviors in the target. Advantages \u00a0Hevy use of gorutines and internal hardware for great preformance \u00a0Built-in engine that handles\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgAubz4gdun88k9FWcx9Ujo8q8r7dC2T4o9ovwmM6H07HXl4tTFJePxgGQLEkFXqgpeoics7ggwtRm5g2Qh8foNyiJHiuHDRrycbfdaxPLbFftTDu1xWDDqmunecE2zUsF4UFAIdjvyvWOAm5VBQXDX64cMB-FgP0ZMCEAbgJ0mHBRDoiG_4pqvkORnQzvw\/s16000\/Firefly%20.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgAubz4gdun88k9FWcx9Ujo8q8r7dC2T4o9ovwmM6H07HXl4tTFJePxgGQLEkFXqgpeoics7ggwtRm5g2Qh8foNyiJHiuHDRrycbfdaxPLbFftTDu1xWDDqmunecE2zUsF4UFAIdjvyvWOAm5VBQXDX64cMB-FgP0ZMCEAbgJ0mHBRDoiG_4pqvkORnQzvw\/s16000\/Firefly%20.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgAubz4gdun88k9FWcx9Ujo8q8r7dC2T4o9ovwmM6H07HXl4tTFJePxgGQLEkFXqgpeoics7ggwtRm5g2Qh8foNyiJHiuHDRrycbfdaxPLbFftTDu1xWDDqmunecE2zUsF4UFAIdjvyvWOAm5VBQXDX64cMB-FgP0ZMCEAbgJ0mHBRDoiG_4pqvkORnQzvw\/s16000\/Firefly%20.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgAubz4gdun88k9FWcx9Ujo8q8r7dC2T4o9ovwmM6H07HXl4tTFJePxgGQLEkFXqgpeoics7ggwtRm5g2Qh8foNyiJHiuHDRrycbfdaxPLbFftTDu1xWDDqmunecE2zUsF4UFAIdjvyvWOAm5VBQXDX64cMB-FgP0ZMCEAbgJ0mHBRDoiG_4pqvkORnQzvw\/s16000\/Firefly%20.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgAubz4gdun88k9FWcx9Ujo8q8r7dC2T4o9ovwmM6H07HXl4tTFJePxgGQLEkFXqgpeoics7ggwtRm5g2Qh8foNyiJHiuHDRrycbfdaxPLbFftTDu1xWDDqmunecE2zUsF4UFAIdjvyvWOAm5VBQXDX64cMB-FgP0ZMCEAbgJ0mHBRDoiG_4pqvkORnQzvw\/s16000\/Firefly%20.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgAubz4gdun88k9FWcx9Ujo8q8r7dC2T4o9ovwmM6H07HXl4tTFJePxgGQLEkFXqgpeoics7ggwtRm5g2Qh8foNyiJHiuHDRrycbfdaxPLbFftTDu1xWDDqmunecE2zUsF4UFAIdjvyvWOAm5VBQXDX64cMB-FgP0ZMCEAbgJ0mHBRDoiG_4pqvkORnQzvw\/s16000\/Firefly%20.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":17866,"url":"https:\/\/kalilinuxtutorials.com\/fpicker\/","url_meta":{"origin":29653,"position":1},"title":"Fpicker : A Frida-based Fuzzing Suite Supporting Various Modes","author":"R K","date":"September 19, 2021","format":false,"excerpt":"Fpicker is a Frida-based fuzzing suite that offers a variety of fuzzing modes for in-process fuzzing, such as an AFL++ mode or a passive tracing mode. It should run on all platforms that are supported by Frida. Installation InstructionsBuilding and RunningCreating a Fuzzing HarnessModes and Configuration Some background information and\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/1.bp.blogspot.com\/-eHrVdLN1ijo\/YTGk80k1oNI\/AAAAAAAAKp4\/Lk1WHN5gfAwXq-ZBZD9uVXyhCyNEM-0NgCLcBGAsYHQ\/s728\/fpicker_logo%2B%25281%2529.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/1.bp.blogspot.com\/-eHrVdLN1ijo\/YTGk80k1oNI\/AAAAAAAAKp4\/Lk1WHN5gfAwXq-ZBZD9uVXyhCyNEM-0NgCLcBGAsYHQ\/s728\/fpicker_logo%2B%25281%2529.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/1.bp.blogspot.com\/-eHrVdLN1ijo\/YTGk80k1oNI\/AAAAAAAAKp4\/Lk1WHN5gfAwXq-ZBZD9uVXyhCyNEM-0NgCLcBGAsYHQ\/s728\/fpicker_logo%2B%25281%2529.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/1.bp.blogspot.com\/-eHrVdLN1ijo\/YTGk80k1oNI\/AAAAAAAAKp4\/Lk1WHN5gfAwXq-ZBZD9uVXyhCyNEM-0NgCLcBGAsYHQ\/s728\/fpicker_logo%2B%25281%2529.png?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":7504,"url":"https:\/\/kalilinuxtutorials.com\/atfuzzer-dynamic-analysis-at-interface-android\/","url_meta":{"origin":29653,"position":2},"title":"ATFuzzer : Dynamic Analysis of AT Interface For Android Smartphones","author":"R K","date":"November 29, 2019","format":false,"excerpt":"Opening Pandora's Box through ATFuzzer: Dynamic Analysis of AT Interface for Android Smartphones\" is accepted to the 35th Annual Computer Security Applications Conference (ACSAC) 2019. This paper focuses on checking the correctness and robustness of the AT command interface exposed by the cellular baseband processor through Bluetooth and USB. A\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":30329,"url":"https:\/\/kalilinuxtutorials.com\/cakefuzzer\/","url_meta":{"origin":29653,"position":3},"title":"CakeFuzzer &#8211; Vulnerability Detection for CakePHP","author":"Varshini","date":"September 18, 2023","format":false,"excerpt":"Cake Fuzzer is a project that is meant to help automatically and continuously discover vulnerabilities in web applications created based on specific frameworks with very limited false positives. Currently it is implemented to support the Cake PHP framework. If you would like to learn more about the research process check\u2026","rel":"","context":"In &quot;Hacking Tools&quot;","block_context":{"text":"Hacking Tools","link":"https:\/\/kalilinuxtutorials.com\/category\/hacking-tools\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEihw9AHkFPIufHyJDzdnt9Gu0hdDQ054CaREMukpp0Cgj7XwwaeXEgPq2DlLyXhKF4kRrHeNHO3MmC6YLhkG5m35LxgtxV8F11OuC7y_SEqc2l4KvPTINiVhJGxX6jKPzhBJnmGXVlK3RaTWPJF6gqVa20GgL-q9K_yLHVxBcZV6nlDnYqgLkju8QQT6A\/s16000\/CakeFuzzer%20Vulnerability%20Detection%20for%20CakePHP.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEihw9AHkFPIufHyJDzdnt9Gu0hdDQ054CaREMukpp0Cgj7XwwaeXEgPq2DlLyXhKF4kRrHeNHO3MmC6YLhkG5m35LxgtxV8F11OuC7y_SEqc2l4KvPTINiVhJGxX6jKPzhBJnmGXVlK3RaTWPJF6gqVa20GgL-q9K_yLHVxBcZV6nlDnYqgLkju8QQT6A\/s16000\/CakeFuzzer%20Vulnerability%20Detection%20for%20CakePHP.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEihw9AHkFPIufHyJDzdnt9Gu0hdDQ054CaREMukpp0Cgj7XwwaeXEgPq2DlLyXhKF4kRrHeNHO3MmC6YLhkG5m35LxgtxV8F11OuC7y_SEqc2l4KvPTINiVhJGxX6jKPzhBJnmGXVlK3RaTWPJF6gqVa20GgL-q9K_yLHVxBcZV6nlDnYqgLkju8QQT6A\/s16000\/CakeFuzzer%20Vulnerability%20Detection%20for%20CakePHP.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEihw9AHkFPIufHyJDzdnt9Gu0hdDQ054CaREMukpp0Cgj7XwwaeXEgPq2DlLyXhKF4kRrHeNHO3MmC6YLhkG5m35LxgtxV8F11OuC7y_SEqc2l4KvPTINiVhJGxX6jKPzhBJnmGXVlK3RaTWPJF6gqVa20GgL-q9K_yLHVxBcZV6nlDnYqgLkju8QQT6A\/s16000\/CakeFuzzer%20Vulnerability%20Detection%20for%20CakePHP.webp?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":4436,"url":"https:\/\/kalilinuxtutorials.com\/mutiny-fuzzer\/","url_meta":{"origin":29653,"position":4},"title":"Mutiny Fuzzer : Network Fuzzer Replaying PCAPs Through a Mutational Fuzzer","author":"R K","date":"March 31, 2019","format":false,"excerpt":"The Mutiny Fuzzer Framework is a network fuzzer that operates by replaying PCAPs through a mutational fuzzer. The goal is to begin network fuzzing as quickly as possible, at the expense of being thorough. The general workflow for Mutiny is to take a sample of legitimate traffic, such as a\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":10158,"url":"https:\/\/kalilinuxtutorials.com\/frida-fuzzer\/","url_meta":{"origin":29653,"position":5},"title":"Frida-Fuzzer : Experimental Fuzzer Used For API In-Memory Fuzzing","author":"R K","date":"April 8, 2020","format":false,"excerpt":"Frida-Fuzzer is a experimental fuzzer is meant to be used for API in-memory fuzzing. The design is highly inspired and based on AFL\/AFL++. ATM the mutator is quite simple, just the AFL's havoc and splice stages. I tested only the examples under tests\/, this is a WIP project but is\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/29653","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/comments?post=29653"}],"version-history":[{"count":17,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/29653\/revisions"}],"predecessor-version":[{"id":35807,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/29653\/revisions\/35807"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media\/29669"}],"wp:attachment":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media?parent=29653"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/categories?post=29653"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/tags?post=29653"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}