Automated Fuzz Testing: The Power of Code Intelligence App

This page summarizes the projects mentioned and recommended in the original post on

Our great sponsors
  • Sonar - Write Clean Java Code. Always.
  • ONLYOFFICE ONLYOFFICE Docs — document collaboration in your environment
  • InfluxDB - Access the most powerful time series database as a service
  • cifuzz

    cifuzz makes fuzz tests as easy as unit tests

    Code Intelligence offers automated testing solutions such as CI Fuzz is an open-source command line tool designed to create fuzz tests and automate the fuzz testing process. It can be integrated into Continuous Integration (CI) pipelines, making it easier to run and manage the testing process. For example, it can help developers ship secure software by providing the necessary integrations to test their code at each pull request. CI Fuzz supports a wide range of programming languages, including C, C++, JavaScript, Java, Kotlin, and other JVM-based languages.

  • starter-workflows

    Accelerating new GitHub Actions workflows

    In the sample Java project, we have existing fuzz tests (You can check the test under this folder) and it has GitHub action is set up. Only thing you need us to set into a GitHub Workflow file is an action secret called CI_FUZZ_API_TOKEN with your API token. You can generate it under your Account setting on the Tokens tab.

  • Sonar

    Write Clean Java Code. Always.. Sonar helps you commit clean code every time. With over 600 unique rules to find Java bugs, code smells & vulnerabilities, Sonar finds the issues while you focus on the work.

  • jazzer

    Coverage-guided, in-process fuzzing for the JVM

    Input Generation: The tester uses a fuzzing tool such as CI Fuzz or Jazzer to generate random or unexpected inputs to the software application.

  • java-demo

    Simple Java project showcases two vulnerabilities - a SQL injection and a RCE that although simplified were inspired from two real-word CVEs

    Now you can try to find your first bug in your project. We are going to use a simple ready java project that has two already vulnerabilities - a SQL injection and an RCE.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts