jazzer
American Fuzzy Lop
jazzer | American Fuzzy Lop | |
---|---|---|
11 | 21 | |
906 | 2,903 | |
- | - | |
9.2 | 0.0 | |
2 months ago | almost 3 years ago | |
Java | C | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
jazzer
-
JQF Genetic Algorithm
Check out Jazzer, the code intelligence blog, and search for custom sanitizers for Java etc. https://github.com/CodeIntelligenceTesting/jazzer
-
Automated Fuzz Testing: The Power of Code Intelligence App
Input Generation: The tester uses a fuzzing tool such as CI Fuzz or Jazzer to generate random or unexpected inputs to the software application.
-
Java Fuzzing with Jazzer compared to Symflower
Fuzzing is a testing technique where random values are generated as inputs to find unexpected behavior such as crashes and security issues. Previously we looked at the new Golang release 1.18 which includes native fuzzing and our Core Technology blog series contained a post that compares symbolic execution to different other testing techniques, including fuzzing. Today, we will dive into the Java world and check out the most popular Java fuzzing solution: Jazzer.
-
jazzer.js alternatives - jazzer and cifuzz
3 projects | 12 Sep 2022
Coverage-guided fuzzer for Java
-
How to fuzz java code with jazzar?
$ git clone https://github.com/CodeIntelligenceTesting/jazzer $ cd jazzer $ ./bazelisk-linux-amd64 run //:jazzer Starting local Bazel server and connecting to it... INFO: Analyzed target //:jazzer (79 packages loaded, 1410 targets configured). INFO: Found 1 target... Target //:jazzer up-to-date: bazel-bin/jazzer INFO: Elapsed time: 43.920s, Critical Path: 7.21s INFO: 83 processes: 4 internal, 79 linux-sandbox. INFO: Build completed successfully, 83 total actions INFO: Build completed successfully, 83 total actions driver/jazzer_driver: error while loading shared libraries: libjvm.so: cannot open shared object file: No such file or directory
- How to Write Fuzz Targets with Jazzer
-
Fuzzing Java in OSS-Fuzz
One of the authors of Jazzer here. Feel free to ask any questions regarding Jazzer (https://github.com/CodeIntelligenceTesting/jazzer) or how to integrate Java/JVM projects into OSS-Fuzz.
- Jazzer: Coverage-Guided Fuzzing for JVM
- Jazzer is a coverage-guided, in-process fuzzer for the JVM platform (2021, github)
- Jazzer - a coverage-guided, in-process fuzzer for the JVM platform
American Fuzzy Lop
-
Prefer table driven tests (2019)
There's some efforts to guide test generation for property based testing to make the instruction pointer explore as large a space as possible.
This effort is more mature in the fuzzing community. See eg American Fuzzy Lop https://github.com/google/AFL
-
C++ Faker library
What you're describing, just generating random input to test a program, is sometimes called "blind fuzzing" but the state-of-the-art is far beyond that. Maybe try reading through the documentation of e.g. https://github.com/google/AFL to see what a fuzzer does and why just producing random input isn't even scratching the surface.
-
Hyperpom: An Apple Silicon Fuzzer for 64-bit ARM Binaries
for general riscv I used to use this https://github.com/google/AFL I dont know if it supports x64 tho.
-
How to fuzz java code with jazzar?
Ex ( AFL, WinAFL, HonggFuzz, LibFuzzer, Jazzer )
-
One year ago I wrote a buddy memory allocator - project update
I wrote this little fuzz test target in order to fuzz it with afl (under ASan and UBSan):
-
Beariish/little: A small, easily embedded language implemented in a single .c file
afl, which is trivial to apply to this program:
-
TCL like interpreter suitable for embedded use
I made my own version of a TCL interpreter (well, a very TCL like langauge) derived from "picol" available at https://github.com/howerj/pickle. There are many different re-implementations and derivatives of this interpreter but they all seem very "crashy", this one has been significantly hardened by using a fuzzer on it which ran for months called American Fuzzy Lop https://lcamtuf.coredump.cx/afl/ . It is also more suitable for embedded use whilst still not having arbitrary restrictions like many other implementations.
-
What's in your tool belt?
On Linux afl is a very powerful bug-finding tool, and it's a great companion when doing code review. Composes well with ASan and UBSan.
- Afl - American fuzzy lop - a security-oriented fuzzer
-
Difficulty of CSCA48 compared to other first year cs/math courses
b-, https://lcamtuf.coredump.cx/afl/
What are some alternatives?
libfuzzer-workshop - Repository for materials of "Modern fuzzing of C/C++ Projects" workshop.
boofuzz - A fork and successor of the Sulley Fuzzing Framework
junit-quickcheck - Property-based testing, JUnit-style
honggfuzz - Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)
PIT - State of the art mutation testing system for the JVM
Cppcheck - static analysis of C/C++ code
jni-bind - JNI Bind is a set of advanced syntactic sugar for writing efficient correct JNI Code in C++17 (and up).
HTTP Parser - http request/response parser for c
symflower - Symflower is a Java unit test generation tool for IntelliJ IDEA, Visual Studio Code, Android Studio, and CLI. Use it to write and maintain test code with ease. This repository is for providing community support.
PHP CPP - Library to build PHP extensions with C++
radamsa
ZXing - ZXing ("Zebra Crossing") barcode scanning library for Java, Android