I'm trying to do some security testing for my server(not a web server) which is sitting behind a nginx proxy. To start with it, I've done some fuzz testing using Sulley. As expected, most of the fuzzed requests were handled by nginx. I also tried using BED tool but since my server expects request on a specific URI(http://host/(uri)), I was not able to make the best use out of it. (is that possible?)
My question- is there any further scope of doing fuzz testing(which I might have missed)? If yes, then what tools can be used?
I'm also looking for a tool for doing penetration testing. Thanks in advance for your inputs.