honggfuzz
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
honggfuzz
- FuzzTest: a C++ testing framework for writing and executing fuzz tests, property-based tests executed using coverage-guided fuzzing under the hood
-
How to fuzz java code with jazzar?
Ex ( AFL, WinAFL, HonggFuzz, LibFuzzer, Jazzer )
-
Question about getting coverage stats in real time using dynamorio
I once used Hongfuzz as a code-coverage tool, see: https://github.com/google/honggfuzz/tree/master/socketfuzzer
-
60x speed-up of Linux “perf”
Here's the libbfd-based code in case anyone would like to port it, it's basically addr2line.
https://github.com/google/honggfuzz/blob/master/linux/bfd.c
- Resurse C/C++?
radamsa
-
How to fuzz java code with jazzar?
Ex Radmasa
- Radamsa – test case generator for robustness testing
-
Anyone knows open source mutator support regex?
I used to use radamsa to make my own fuzzer, but it does not support regex to generate datas.
-
What Is Fuzz Testing?
At simplest and most straight forward level fuzz testing is pretty simple to get started with. Collect some input(API calls, files, etc.), pass it to fuzzer(for example radamsa[0]), throw it at program and observe...
Ofc, depending on system collecting input and sending it to system might be bit more complicated. Hardest part is often the observing and finding that an error happens.
Not that this gets you full coverage, for more complex things like protocols something custom that takes lot more effort is probably needed.
[0] https://gitlab.com/akihe/radamsa
- Radamsa: A general-purpose black-box fuzzer
What are some alternatives?
AFLplusplus - The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
onefuzz - A self-hosted Fuzzing-As-A-Service platform
American Fuzzy Lop - american fuzzy lop - a security-oriented fuzzer
beacon-fuzz - Differential Fuzzer for Ethereum 2.0
build-your-own-x - 🤓 Build your own (insert technology here) [Moved to: https://github.com/codecrafters-io/build-your-own-x]
winafl - A fork of AFL for fuzzing Windows binaries
Catch - A modern, C++-native, test framework for unit-tests, TDD and BDD - using C++14, C++17 and later (C++11 support is in v2.x branch, and C++03 on the Catch1.x branch)
doubleback - Doubleback provides round-trip parsing and printing of 64-bit double-precision floating-point numbers using the Ryu algorithm implemented in multiple programming languages. Doubleback is biased towards "human-friendly" output which round-trips consistently between binary and decimal.
build-your-own-x - Master programming by recreating your favorite technologies from scratch.
cryptofuzz - Fuzzing cryptographic libraries. Magic bug printer go brrrr.
jazzer - Coverage-guided, in-process fuzzing for the JVM