iExploder is like a fire hydrant full of bad HTML and CSS code to test the stability and security of web browsers. Available as a full-featured browser harness, standalone webserver or CGI script, it continuously feeds browsers bad data in the hope that they will eventually crash. It is designed to run for hours, or even days until the browser crashes.

iexploder was initially written as a QA tool for the Mozilla Project to test the Firefox 1.0 release, and is now included and used by Apple's Webkit project. Inspiration for iExploder came from Michal Zalewski's http://lcamtuf.coredump.cx/mangleme/mangle.cgi'>mangleme.

http://iexploder.googlecode.com/files/active.png' border='1'>

Features

• Tests all HTML and CSS attributes that Mozilla, Webkit and other browsers support
  
• Basic fuzzing for media formats (bmp gif ico jng jpg ogg png snd svg tiff wav xbm xpm)
  
• Very basic DOM manipulation fuzzing via JS
  
• HTTP header fuzzing
  
• CSS Selector fuzzing
  
• Logic, buffer overflow, and format string testing
  
• An unlimited amount of repeatable tests
  
• Sequential and random testcase testing, with the ability to resume (sequential only)
  
• Tools to help isolate which test crashed the browser, as well as locate backtrace information

News

iExploder 1.7.1 and 1.7.2 released (2010-09-20)

• More reliable testcase generation due to double redirect testing
  
• Fix broken subtest isolation when in random testing mode

iExploder 1.7 released (2010-09-06)

• New browser-harness mode to stop/start browsers, replicate crash scenarios, and save minimized testcases
  
• New specialized style tag support with CSS selector fuzzing
  
• Support for Ruby 1.9.x
  
• Supported tags updated from WebKit and Mozilla trees

iExploder 1.5 released (2010-03-14)