junit-quickcheck
American Fuzzy Lop
junit-quickcheck | American Fuzzy Lop | |
---|---|---|
5 | 21 | |
952 | 2,903 | |
- | - | |
7.3 | 0.0 | |
9 days ago | almost 3 years ago | |
Java | C | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
junit-quickcheck
-
Need your feedback on a tool that auto-generates unit tests for java code
For anyone interested, there's also https://github.com/pholser/junit-quickcheck . Haven't used it myself but looks like an interesting library to explore. It's based on QuickCheck as well AFAIK.
-
Coding Challenge
Thank you for the insightful reply. I did struggle to convert the original algorithm I wrote (with while loops / continue / break) to a more functional style using unfold, and also faced an issue with the type signatures when I tried to break down the contents of Stream.unfoldRight to multiple functions, which is reflected to the messy state you mentioned. Regarding property based testing, I used junit-quickcheck and the "symmetry" property check was one I meant to write but wasn't quite sure how to create a generator for it. I created an issue to track my attempt to incorporate your suggestions in case you are interested in following this. Thanks again!
-
Does anyone have any advice for writing better Java tests.
A quick Google search shows that java has a library for this (here) but I've never used it in java so can't attest to it.
-
GitHub Copilot for JetBrains and Neovim
QuickcCheck-type tools (generators for tests that know about the edge cases of a domain - e. g. for the domain of numbers considering things like 0, the infinities, various almost-and-just-over powers of two, NaN and mantissas for floats, etc.):
* QuickCheck: https://hackage.haskell.org/package/QuickCheck
* Hypothesis: https://hypothesis.readthedocs.io/en/latest/
* JUnit QuickCheck: https://github.com/pholser/junit-quickcheck
Fuzz testing tools (tools which mutate the inputs to a program in order to find interesting / failing states in that program). Generally paired with code coverage:
* American Fuzzy Lop (AFL): https://github.com/google/AFL
* JQF: https://github.com/rohanpadhye/JQF
Mutation / Fault based test tools (review your existing unit coverage and try to introduce changes to your _production_ code that none of your tests catch)
* PITest: https://pitest.org/
-
Fuzzing Java in OSS-Fuzz
If you want an easy way to have better mutation coverage, check out property based testing. Eg junit-quickcheck for Java.
https://github.com/pholser/junit-quickcheck
American Fuzzy Lop
-
Prefer table driven tests (2019)
There's some efforts to guide test generation for property based testing to make the instruction pointer explore as large a space as possible.
This effort is more mature in the fuzzing community. See eg American Fuzzy Lop https://github.com/google/AFL
-
C++ Faker library
What you're describing, just generating random input to test a program, is sometimes called "blind fuzzing" but the state-of-the-art is far beyond that. Maybe try reading through the documentation of e.g. https://github.com/google/AFL to see what a fuzzer does and why just producing random input isn't even scratching the surface.
-
Hyperpom: An Apple Silicon Fuzzer for 64-bit ARM Binaries
for general riscv I used to use this https://github.com/google/AFL I dont know if it supports x64 tho.
-
How to fuzz java code with jazzar?
Ex ( AFL, WinAFL, HonggFuzz, LibFuzzer, Jazzer )
-
One year ago I wrote a buddy memory allocator - project update
I wrote this little fuzz test target in order to fuzz it with afl (under ASan and UBSan):
-
Beariish/little: A small, easily embedded language implemented in a single .c file
afl, which is trivial to apply to this program:
-
TCL like interpreter suitable for embedded use
I made my own version of a TCL interpreter (well, a very TCL like langauge) derived from "picol" available at https://github.com/howerj/pickle. There are many different re-implementations and derivatives of this interpreter but they all seem very "crashy", this one has been significantly hardened by using a fuzzer on it which ran for months called American Fuzzy Lop https://lcamtuf.coredump.cx/afl/ . It is also more suitable for embedded use whilst still not having arbitrary restrictions like many other implementations.
-
What's in your tool belt?
On Linux afl is a very powerful bug-finding tool, and it's a great companion when doing code review. Composes well with ASan and UBSan.
- Afl - American fuzzy lop - a security-oriented fuzzer
-
Difficulty of CSCA48 compared to other first year cs/math courses
b-, https://lcamtuf.coredump.cx/afl/
What are some alternatives?
jqwik - Property-Based Testing on the JUnit Platform
boofuzz - A fork and successor of the Sulley Fuzzing Framework
jazzer - Coverage-guided, in-process fuzzing for the JVM
honggfuzz - Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)
copilot.vim - Neovim plugin for GitHub Copilot
Cppcheck - static analysis of C/C++ code
JQF - JQF + Zest: Coverage-guided semantic fuzzing for Java.
HTTP Parser - http request/response parser for c
copilot-docs - Documentation for GitHub Copilot
PHP CPP - Library to build PHP extensions with C++
libfuzzer-workshop - Repository for materials of "Modern fuzzing of C/C++ Projects" workshop.
ZXing - ZXing ("Zebra Crossing") barcode scanning library for Java, Android