jazzer VS libfuzzer-workshop

Check out Jazzer, the code intelligence blog, and search for custom sanitizers for Java etc. https://github.com/CodeIntelligenceTesting/jazzer

Input Generation: The tester uses a fuzzing tool such as CI Fuzz or Jazzer to generate random or unexpected inputs to the software application.

Fuzzing is a testing technique where random values are generated as inputs to find unexpected behavior such as crashes and security issues. Previously we looked at the new Golang release 1.18 which includes native fuzzing and our Core Technology blog series contained a post that compares symbolic execution to different other testing techniques, including fuzzing. Today, we will dive into the Java world and check out the most popular Java fuzzing solution: Jazzer.

Coverage-guided fuzzer for Java

$ git clone https://github.com/CodeIntelligenceTesting/jazzer $ cd jazzer $ ./bazelisk-linux-amd64 run //:jazzer Starting local Bazel server and connecting to it... INFO: Analyzed target //:jazzer (79 packages loaded, 1410 targets configured). INFO: Found 1 target... Target //:jazzer up-to-date: bazel-bin/jazzer INFO: Elapsed time: 43.920s, Critical Path: 7.21s INFO: 83 processes: 4 internal, 79 linux-sandbox. INFO: Build completed successfully, 83 total actions INFO: Build completed successfully, 83 total actions driver/jazzer_driver: error while loading shared libraries: libjvm.so: cannot open shared object file: No such file or directory

One of the authors of Jazzer here. Feel free to ask any questions regarding Jazzer (https://github.com/CodeIntelligenceTesting/jazzer) or how to integrate Java/JVM projects into OSS-Fuzz.

Learning how to is half the fun!

There's a bunch of good tutorials out there on [dumb] fuzzing (presumably where you'll start). One starting point I'd recommend is taking a binary that accepts input from stdin and making some proof-of-concepts with AFL (https://lcamtuf.coredump.cx/afl/).

If you'd rather start from a code/library perspective (and not CLI), I'd recommend libfuzzer (https://github.com/Dor1s/libfuzzer-workshop/).

There's a lot of other fuzzers, techniques, and depth to the field, but I'd recommend inch worming through (speed up as you gain more comfort). The Fuzzing Book is good to help you understand the logic behind techniques and strategies (https://www.fuzzingbook.org/)

As for some management, there's a few decent "monitoring" systems out there; personally I just SSH in and check the fuzzer manually (I leave it running in a tmux pane), but if that's not your cup of tea I've heard good things about OneFuzz (https://github.com/microsoft/onefuzz) and LuckyCat (https://github.com/fkie-cad/LuckyCAT).

Happy to answer any specifics of the sort :)

That depends on the language you want to fuzz. A good general introduction and hands-on "course" for C/C++ is https://github.com/Dor1s/libfuzzer-workshop. If you prefer Java and just want to get a feeling for how concrete fuzz targets can look like, take a look at the Jazzer examples at https://github.com/CodeIntelligenceTesting/jazzer/tree/main/....