Fuzz-testing XML parser

The following are some XML fusers that I accidentally encountered while searching a few months ago:

• untidy . This is not like active development with the latest update in 2007. (The project is no longer available on Sourceforge, for posterity see archive.org for partial content and packetstorm for download. It was added in Peach-1.0, but is no longer displayed in Peach-3.1 Community Edition.)
• Fuzzware Appears to have decent support for fuzzing based XSD.
• Peach . The Peach fuzzer project will help you generate valid XML files, but probably will not help if you want to confuse the parser instead of the application with the help of a parser. Of course, it’s worth a try, but be warned that creating a data model can be a cumbersome process if you don’t know about the various structures in XML. The related HotFuzz project is also worth mentioning here.
• JBroFuzz . It is quite actively developing. I could not find a tutorial describing its XML (and SOAP) capabilities. The fact that it can only be used as a fuzzing library can help you.
• Codenomicon Defensics for XML . This is a commercial fuzzer. Disclaimer I appreciated Defensics in the past and found it suitable for a variety of purposes. Only one XML parser can be confused using various methods - you can transfer its files created by fuzzer, or issue HTTP requests, etc. Keep in mind that you will need to use different approaches if you need to smooth your application, not the parser; Defensics will help you choose the different input classes that you want to use in the fuzz inputs so that you can target your parser or your application, or both.