American Fuzzy Lop Alternatives
Similar projects and alternatives to American Fuzzy Lop
- ZXing: ZXing ("Zebra Crossing") barcode scanning library for Java, Android
- AFLplusplus: The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
- Experimental Boost.DI: DI: C++14 Dependency Injection Library
- honggfuzz: Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)
- w64devkit: Portable C and C++ Development Kit for x64 (and x86) Windows
- fishnet: Distributed Stockfish analysis for lichess.org (by lichess-org)
- nvim-treesitter: Nvim Treesitter configurations and abstraction layer
- Yacy: Distributed Peer-to-Peer Web Search Engine and Intranet Search Appliance
American Fuzzy Lop reviews and mentions
-
Hyperpom: An Apple Silicon Fuzzer for 64-bit ARM Binaries
For general riscv I used to use this https://github.com/google/AFL. I don't know if it supports x64 tho.
-
How to fuzz Java code with Jazzer?
Ex ( AFL, WinAFL, HonggFuzz, LibFuzzer, Jazzer )
-
One year ago I wrote a buddy memory allocator - project update
I wrote this little fuzz test target in order to fuzz it with afl (under ASan and UBSan):
-
Beariish/little: A small, easily embedded language implemented in a single .c file
afl, which is trivial to apply to this program:
-
TCL like interpreter suitable for embedded use
I made my own version of a TCL interpreter (well, a very TCL-like language) derived from "picol" available at https://github.com/howerj/pickle. There are many different re-implementations and derivatives of this interpreter but they all seem very "crashy"; this one has been significantly hardened by using a fuzzer on it which ran for months called American Fuzzy Lop https://lcamtuf.coredump.cx/afl/ . It is also more suitable for embedded use whilst still not having arbitrary restrictions like many other implementations.
-
What's in your tool belt?
On Linux afl is a very powerful bug-finding tool, and it's a great companion when doing code review. Composes well with ASan and UBSan.
-
Frelatage: A fuzzing library to find vulnerabilities and bugs in Python applications
Frelatage is a coverage-based Python fuzzing library which can be used to fuzz Python code. The development of Frelatage was inspired by various other fuzzers, including AFL/AFL++, Atheris and PyFuzzer. The main purpose of the project is to take advantage of the best features of these fuzzers and gather them together into a new tool in order to efficiently fuzz Python applications.
-
A tiny C89/C90 zero-allocation JSON serializer
How to use with afl:
-
Ask HN: What are some worthy non-crypto uses of excess home compute nowadays?
Learning how to is half the fun!
There's a bunch of good tutorials out there on [dumb] fuzzing (presumably where you'll start). One starting point I'd recommend is taking a binary that accepts input from stdin and making some proof-of-concepts with AFL (https://lcamtuf.coredump.cx/afl/).
If you'd rather start from a code/library perspective (and not CLI), I'd recommend libfuzzer (https://github.com/Dor1s/libfuzzer-workshop/).
There's a lot of other fuzzers, techniques, and depth to the field, but I'd recommend inch worming through (speed up as you gain more comfort). The Fuzzing Book is good to help you understand the logic behind techniques and strategies (https://www.fuzzingbook.org/)
As for some management, there's a few decent "monitoring" systems out there; personally I just SSH in and check the fuzzer manually (I leave it running in a tmux pane), but if that's not your cup of tea I've heard good things about OneFuzz (https://github.com/microsoft/onefuzz) and LuckyCat (https://github.com/fkie-cad/LuckyCAT).
Happy to answer any specifics of the sort :)
-
SCL_String : My Attempt at a C String Library - Public Domain, Single Header File (WIP)
afl is a very easy to use fuzzer, and pairs well with the above. It adds instrumentation to your program's branches, and then uses an algorithm to discover inputs that exercise many different paths through your program. If some of those paths lead to invalid or unexpected states, hopefully ASan or UBSan will catch them, alerting you about the problem and giving you a test input from which to debug. In your case I expect it will find particular sequences of allocate/free that lead to a bad state, though that's currently trivially easy to find anyway. The program I gave you, which simply reads from standard input and operates on it, is all you need to fuzz part of your library with afl.
-
Stats
google/AFL is an open source project licensed under Apache License 2.0 which is an OSI approved license.
Popular Comparisons
- American Fuzzy Lop VS HTTP Parser
- American Fuzzy Lop VS Cppcheck
- American Fuzzy Lop VS ZXing
- American Fuzzy Lop VS PHP CPP
- American Fuzzy Lop VS Experimental Boost.DI
- American Fuzzy Lop VS AFLplusplus
- American Fuzzy Lop VS boofuzz
- American Fuzzy Lop VS pdqsort
- American Fuzzy Lop VS Better String
- American Fuzzy Lop VS honggfuzz