JSONFuzz - JSON Service Fuzzer


JSON (JavaScript Object Notation) is a text-based format designed to be human-readable and at the same time suitable for data interchange between computer programs. JSONFuzz is a tool to help you automate the security testing process of JSON-based web services.

Key Features

By subscribing to JSONFuzz you get the following awesome features:

  • Full support for JSON fuzzing
  • Deeply nested JSON fuzzing
  • Optional URL query and request headers fuzz stages
  • Test web apps even behind the perimeter firewall
  • Configurable fuzz payloads
  • Share vulnerabilities with team members
  • Exportable reports in HTML, CSV, XML and JSON
  • Integration with 3rd-party tools
  • Easy to use
  • Always available
  • Instantaneous updates

Fuzzing JSON

JSON resembles the structure of JavaScript objects with a few added rules/constrains to make it more generic and easy to interpret by other programming languages. These constrains define how JSON works and are essential for the successful communication between different parts of a program. JSONFuzz takes into the account the structure of JSON documents to create a framework for automatically testing for security vulnerabilities by using various fuzz-testing techniques.

Videos & Screenshots