Fuzzing is a software testing technique that consists of finding implementation bugs using random data injection. Fuzzers generate malformed data and pass it to the particular target entity to verify its overflow capacity. Metasploit provides several fuzzing modules that can be helpful in exploit development. Let's explore more about the basics of fuzzing and how Metasploit modules can be used as potential fuzzers.
Before we jump to the Metasploit fuzzer modules, let's have a brief overview of fuzzing and its types.
The Metasploit Framework provides a complete set of libraries to manipulate network protocols and data that can help us develop a simple fuzzer.
Depending on the type of application or protocol that we are targeting, we can set up our fuzzer to generate data/packets to test for overflow conditions. Metasploit contains several fuzzer modules that can be used to test applications and protocols. These modules can be located in modules/auxiliary...