American Fuzzy Lop
DISCONTINUED
Experimental Boost.DI
Our great sponsors
American Fuzzy Lop | Experimental Boost.DI | |
---|---|---|
21 | 8 | |
2,903 | 1,087 | |
- | 1.5% | |
0.0 | 3.1 | |
over 2 years ago | 6 months ago | |
C | C++ | |
Apache License 2.0 | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
American Fuzzy Lop
-
Prefer table driven tests (2019)
There's some efforts to guide test generation for property based testing to make the instruction pointer explore as large a space as possible.
This effort is more mature in the fuzzing community. See eg American Fuzzy Lop https://github.com/google/AFL
-
C++ Faker library
What you're describing, just generating random input to test a program, is sometimes called "blind fuzzing" but the state-of-the-art is far beyond that. Maybe try reading through the documentation of e.g. https://github.com/google/AFL to see what a fuzzer does and why just producing random input isn't even scratching the surface.
-
Hyperpom: An Apple Silicon Fuzzer for 64-bit ARM Binaries
for general riscv I used to use this https://github.com/google/AFL I dont know if it supports x64 tho.
-
How to fuzz java code with jazzar?
Ex ( AFL, WinAFL, HonggFuzz, LibFuzzer, Jazzer )
-
One year ago I wrote a buddy memory allocator - project update
I wrote this little fuzz test target in order to fuzz it with afl (under ASan and UBSan):
-
Beariish/little: A small, easily embedded language implemented in a single .c file
afl, which is trivial to apply to this program:
-
TCL like interpreter suitable for embedded use
I made my own version of a TCL interpreter (well, a very TCL like langauge) derived from "picol" available at https://github.com/howerj/pickle. There are many different re-implementations and derivatives of this interpreter but they all seem very "crashy", this one has been significantly hardened by using a fuzzer on it which ran for months called American Fuzzy Lop https://lcamtuf.coredump.cx/afl/ . It is also more suitable for embedded use whilst still not having arbitrary restrictions like many other implementations.
-
What's in your tool belt?
On Linux afl is a very powerful bug-finding tool, and it's a great companion when doing code review. Composes well with ASan and UBSan.
-
Frelatage: A fuzzing library to find vulnerabilities and bugs in Python applications
Frelatage is a coverage-based Python fuzzing library which can be used to fuzz python code. The development of Frelatage was inspired by various other fuzzers, including AFL/AFL++, Atheris and PyFuzzer.The main purpose of the project is to take advantage of the best features of these fuzzers and gather them together into a new tool in order to efficiently fuzz python applications.
-
A tiny C89/C90 zero-allocation JSON serializer
How to use with afl:
Experimental Boost.DI
-
What are some cool modern libraries you enjoy using?
I love: https://github.com/boost-ext/di for dependency injection
-
[C++20] New way of meta-programming?
https://github.com/boost-ext/di (To detect constructor parameters and inject dependencies without runtime dispatch)
-
Dependency injection
I was looking to try boost.di for some time, looks nice. https://boost-ext.github.io/di/
- Dependency injection with c++
-
Architecture of a Qt application
Things like Dependency Injection/Inversion are a little more cumbersome in C++ but certainly can be done, and I believe there's libraries for that as well (found a couple searching around, like fruit and boost-ext di ).
-
Jodd – The Unbearable Lightness of Java
Dependency injection does not have to be dynamic, it can totally be done at compile time. Boost DI is an example: https://boost-ext.github.io/di/
- DI in c++ hurt by lack of good libraries?
-
Top five C/C++ things/tips/tricks you wish you had known earlier and are now used very often
Funny you mention dependency injection, proposed Boost.DI shall be up for Boost peer review probably in March. https://boost-ext.github.io/di/
What are some alternatives?
kangaru - 🦘 A dependency injection container for C++11, C++14 and later
boofuzz - A fork and successor of the Sulley Fuzzing Framework
honggfuzz - Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)
Cppcheck - static analysis of C/C++ code
PHP CPP - Library to build PHP extensions with C++
ZXing - ZXing ("Zebra Crossing") barcode scanning library for Java, Android
HTTP Parser - http request/response parser for c
AFLplusplus - The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
pdqsort - Pattern-defeating quicksort.
c-smart-pointers - Smart pointers for the (GNU) C programming language
gcc-poison - gcc-poison
Better Enums - C++ compile-time enum to string, iteration, in a single header file