Network Fuzzing through Mutiny Fuzzing Framework

Fuzzing provides a way to test for vulnerabilities through generating random data to push into an application. This can be used to test desktop applications, network applications, and just about anything else. I have seen plenty of other types of fuzzers for non-network applications. Mutiny Fuzzing Framework provides a easy to use network fuzzer.

Per the website, it allows to replay PCAPs through a mutational fuzzer. What the hell is a mutational fuzzer? It changes (or mutates) the specified data packets for every request send to a host. This mutation maybe applied to a legitimate, captured traffic stream, but it might also be applied to a generated package stream based on what the user needs.

The video showing how it works with a simple python script, but the computer generated voice is hard to follow. There is plenty of documentation and source 2ode on Github at Cisco-Talos/mutiny-fuzzer repo.

Jesse Spangenberger

Jesse Spangenberger