Abstract: Fuzz Testing is an effective method to mine all kinds of vulnerabilities. But the main drawbacks to current fuzz testing tools are: firstly, it produces high volume testing data and it’s extraordinary time consumption; secondly, if the accessing needs authentication, the greatest part of test data will be abandoned. PyFuzzer, a novel automatic in-memory fuzz testing tool combining static analysis, dynamic analysis and in-memory fuzz testing, was presented. The tool is highly automatic and effective. Compared with 4n FTP Fuzzer in testing WarFTPD and Serv-U, PyFuzzer can discover all vulnerabilities and improve test efficiency greatly.