Metasploit offers AxMan – web-based ActiveX fuzzing engine. The goal of AxMan is to discover vulnerabilities in COM objects exposed through Internet Explorer. Since AxMan is web-based, any security changes in the browser will also affect the results of the fuzzing process.
This allows for a much more realistic test than other COM-based assessment tools. AxMan is designed to be used with Internet Explorer 6 only.
AxMan works by first enumerating all registered COM objects and their associated typelib information, then using that information to test each object´s properties and methods. To enumerate the COM information, copy binaxman.exe to the target system, and execute it as an administrative user:
C:> axman.exe myoutput