SaaSHub helps you find the best software and product alternatives Learn more →
Top 7 Go Fuzzer Projects
-
-
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Project mention: Show HN: Pfuzz, a web fuzzer following the Unix philosophy | news.ycombinator.com | 2024-01-21It seems to me like "fuzzing" has a different meaning in web application penetration testing. Here, "fuzzer" is a term for tools that just generate different request using wordlists, without adding any mutations. For example, the two popular web fuzzers ffuf [1] and wfuzz [2] also call themselves fuzzers.
I see how reusing a term for a different concept is bothersome, but I feel like "fuzzer" is the term that people learning about bug bounty hunting are familiar with.
[1] https://github.com/ffuf/ffuf
[2] https://wfuzz.readthedocs.io/en/latest/
Project mention: Automated Unit Test Improvement Using Large Language Models at Meta | news.ycombinator.com | 2024-02-17https://arxiv.org/abs/2402.09171 :
> This paper describes Meta's TestGen-LLM tool, which uses LLMs to automatically improve existing human-written tests. TestGen-LLM verifies that its generated test classes successfully clear a set of filters that assure measurable improvement over the original test suite, thereby eliminating problems due to LLM hallucination. [...] We believe this is the first report on industrial scale deployment of LLM-generated code backed by such assurances of code improvement.
Coverage-guided unit test improvement might [with LLMs] be efficient too.
https://github.com/topics/coverage-guided-fuzzing :
- e.g. Google/syzkaller is a coverage-guided syscall fuzzer: https://github.com/google/syzkaller
- Gitlab CI supports coverage-guided fuzzing: https://docs.gitlab.com/ee/user/application_security/coverag...
- oss-fuzz, osv
Additional ways to improve tests:
Hypothesis and pynguin generate tests from type annotations.
There are various tools to generate type annotations for Python code;
> pytype (Google) [1], PyAnnotate (Dropbox) [2], and MonkeyType (Instagram) [3] all do dynamic / runtime PEP-484 type annotation type inference [4] to generate type annotations. https://news.ycombinator.com/item?id=39139198
icontract-hypothesis generates tests from icontract DbC Design by Contract type, value, and invariance constraints specified as precondition and postcondition @decorators:
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
Go Fuzzer related posts
-
Show HN: Pfuzz, a web fuzzer following the Unix philosophy
-
Fast web fuzzer written in Go
-
Is there a Linux user-space program that causes execution through every kernel function path and context?
-
Those scary warnings of juice jacking in airports and hotels? They’re nonsense
-
Directory Discovery Tools
-
Pentesting Tools I Use Everyday
-
Tips on enumerating unknown APIs in my environment?
-
A note from our sponsor - SaaSHub
www.saashub.com | 10 May 2024
Index
What are some of the best open-source Fuzzer projects in Go? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | ffuf | 11,486 |
| 2 | syzkaller | 5,143 |
| 3 | monsoon | 444 |
| 4 | firefly | 371 |
| 5 | hopper | 108 |
| 6 | gigger | 38 |
| 7 | gofuzz | 35 |
Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com