Oss-fuzz Alternatives

Similar projects and alternatives to oss-fuzz

AFLplusplus

1 2,916 9.8 C oss-fuzz VS AFLplusplus

The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
fuzzilli

1 1,458 6.8 Swift oss-fuzz VS fuzzilli

A JavaScript Engine Fuzzer
Scout APM

scoutapm.com
sponsored

Less time debugging, more time building. Scout APM allows you to find and fix performance issues with no hassle. Now with error monitoring and external services monitoring, Scout is a developer's best friend when it comes to application development.
concise-encoding

1 228 9.2 ANTLR oss-fuzz VS concise-encoding

The secure data format for a modern world
libfuzzer

- 40 3.7 Nim oss-fuzz VS libfuzzer

Thin interface for libFuzzer, an in-process, coverage-guided, evolutionary fuzzing engine.
FFmpeg

1 31,032 10.0 C oss-fuzz VS FFmpeg

Mirror of https://git.ffmpeg.org/ffmpeg.git
uafuzz

- 266 0.0 C oss-fuzz VS uafuzz

UAFuzz: Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities
ffmpeg-libav-tutorial

1 8,041 5.6 C oss-fuzz VS ffmpeg-libav-tutorial

FFmpeg libav tutorial - learn how media works from basic to transmuxing, transcoding and more
SonarQube

www.sonarqube.org
sponsored

Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.
ffmpeg-tutorial

- 1,128 10.0 C oss-fuzz VS ffmpeg-tutorial

A set of tutorials that demonstrates how to write a video player based on FFmpeg
thumbor

2 226 1.6 Smarty oss-fuzz VS thumbor

The quickest way to run thumbor. (by MinimalCompact)
imaginary

- 4,472 4.9 Go oss-fuzz VS imaginary

Fast, simple, scalable, Docker-ready HTTP microservice for high-level image processing
YCSB

1 4,195 0.0 Java oss-fuzz VS YCSB

Yahoo! Cloud Serving Benchmark
vmaf

1 2,982 9.2 Python oss-fuzz VS vmaf

Perceptual video quality assessment based on multi-method fusion.
rav1e

1 2,868 9.1 Assembly oss-fuzz VS rav1e

The fastest and safest AV1 encoder.
American Fuzzy Lop

1 2,806 0.0 C oss-fuzz VS American Fuzzy Lop

american fuzzy lop - a security-oriented fuzzer
cluster-api

1 2,359 9.8 Go oss-fuzz VS cluster-api

Home for Cluster API, a subproject of sig-cluster-lifecycle
ryu

1 940 0.9 C++ oss-fuzz VS ryu

Converts floating point numbers to decimal strings
Av1an

1 784 9.1 Rust oss-fuzz VS Av1an

Cross-platform command-line AV1 / VP9 / HEVC / H264 encoding framework with per scene quality encoding
awesome-saas-boilerplates

1 541 5.3 oss-fuzz VS awesome-saas-boilerplates
tpm2-tss

1 532 8.6 C oss-fuzz VS tpm2-tss

OSS implementation of the TCG TPM2 Software Stack (TSS2)
zero

1 489 5.7 Go oss-fuzz VS zero

Allow startup developers to ship to production on day 1 (by commitdev)

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better oss-fuzz alternative or higher similarity.

Suggest an alternative to oss-fuzz

oss-fuzz reviews and mentions

Posts with mentions or reviews of oss-fuzz. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-05-25.

Learnings from 5 Years of Tech Startup Code Audits
4 projects | news.ycombinator.com | 25 May 2022
OSS-Fuzz: Continuous Fuzzing for Open Source Software
1 project | news.ycombinator.com | 19 May 2022
Google supports Monero in new OSS security initiative
2 projects | reddit.com/r/Monero | 18 May 2022

Element of truth in it.. https://github.com/google/oss-fuzz/blob/master/projects/monero/project.yaml

2 projects | reddit.com/r/Monero | 18 May 2022
OSS-Fuzz ?? Setup Cluster API on OSS-Fuzz
3 projects | dev.to | 20 Apr 2022

This is the corresponding google/oss-fuzz PR for CAPI setup `

3 projects | dev.to | 20 Apr 2022

To know more, read this detailed documentation to learn how to use OSS-Fuzz
Dav1d, fast AV1 decoder, version 1.0.0 released
5 projects | news.ycombinator.com | 18 Mar 2022

It is tested by Google's OSS-Fuzz among others: https://github.com/google/oss-fuzz/tree/master/projects/dav1...
It did produce results: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11464
Ten-year experience in DBMS testing
15 projects | dev.to | 4 Feb 2022

I have already mentioned that Tarantool uses third-party libraries. Many of them already use fuzz testing: the curl, c-ares, zstd, and OpenSSL projects are regularly tested in the OSS-Fuzz infrastructure. Tarantool code has many parts where the code is used for parsing (e.g., SQL or HTTP query parsing) or MsgPack decoding. This code may be vulnerable to bugs related to memory management. The good news is that fuzz testing quickly detects such issues. Tarantool also has integration with OSS-Fuzz, but there are not many tests yet, and we found a single bug in the http_parser library. The number of such tests might eventually grow, and we have detailed instructions for those who want to add a new one.
Can Some one here verify whether it is true or false? I saw this passage on Quora. It looks Kinda funny to me.
3 projects | reddit.com/r/linux | 20 Jan 2022

https://google.github.io/oss-fuzz/ "In cooperation with the Core Infrastructure Initiative and the OpenSSF, OSS-Fuzz aims to make common open source software more secure and stable"
All the giant companies used ffmpeg
4 projects | news.ycombinator.com | 24 Dec 2021

ffmpeg/libav is being fuzzed with reasonable success. See for example https://github.com/google/oss-fuzz/tree/master/projects/ffmp... and https://security.googleblog.com/2014/01/ffmpeg-and-thousand-....
They found issues in code I wrote...
(I work for Google but do not speak for it)
Imagor is a fast, Docker-ready image processing server written in Go
5 projects | news.ycombinator.com | 10 Dec 2021

For what it's worth, it's part of OSS fuzz
https://github.com/google/oss-fuzz/tree/a21768ce6a5056d27f82...
Is OSCP right certification for me? Pentesting vs exploit development
1 project | reddit.com/r/oscp | 1 Nov 2021

fuzzing is not secret knowledge. check out https://github.com/google/oss-fuzz and it's documentation
FuzzBench: Open Fuzzer Benchmarking Platform and Service
1 project | news.ycombinator.com | 20 Aug 2021
Free fuzzing tool for (major) java projects.
2 projects | reddit.com/r/java | 13 Aug 2021
FastDoubleParser: Java port of Daniel Lemires fast_double_parser
4 projects | news.ycombinator.com | 22 Mar 2021

The successes of fuzzing projects like oss-fuzz have demonstrated significant shortcomings to hand-curating test cases in the manner you describe. Testing every 64bit float value is unrealistic, but testing a huge number of randomly selected values by cross-comparison with other libraries is a very good idea for code like this.
https://github.com/google/oss-fuzz

Stats

Basic oss-fuzz repo stats

Mentions

Stars

7,667

Activity

9.9

Last Commit

6 days ago

google/oss-fuzz is an open source project licensed under Apache License 2.0 which is an OSI approved license.

oss-fuzz

Oss-fuzz Alternatives

Similar projects and alternatives to oss-fuzz

oss-fuzz reviews and mentions

Stats

Popular Comparisons