Radamsa Fuzzer Extension for Burp Suite

Radamsa is a cool tool that combines a set of fuzzers which generate data based on input string. You can feed it a PDF file for example and Radamsa will produce a bunch of PDF-alike documents that are fuzzed in all imaginable forms. Just see this:

$ echo "test123" | radamsa -n 10
ttestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestestest1
tes.--1
--test170141183460469231731687303715884105728
test4294129
test1
test65660
340282366920938463463374607431768211443t0
-0
test1710618
test-6

Perfect for looking for all kinds of buffer overflows. And this tool can be especially useful combined with Burp Suite, that is why here is quick and dirty extension that enables you to use Radamsa to generate Burp Suite’s Intruder payloads:
Снимок экрана от 2013-06-24 21:25:01
Grab the code here: https://github.com/Raz0r/burp-radamsa


Posted

in

by

Comments

4 responses to “Radamsa Fuzzer Extension for Burp Suite”

  1. educrypt Avatar
    educrypt

    Nice and great tool, but this is for Burp Professional Suite? Because on mac osx i don’t see on Payload Type “Extension-generated” and on payloads options i don’t load any extension.
    Or i better if i use this tool on linux?
    Thank you!

  2. Raz0r Avatar

    Apparently it requires Burp Suite Pro no matter what OS you use.

  3. duccio mangiavacchi Avatar
    duccio mangiavacchi

    OK thank you!

  4. aldo Avatar
    aldo

    nice

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.