Fuzzer

Open-source projects categorized as Fuzzer

Top 23 Fuzzer Open-Source Projects

  • ffuf

    Fast web fuzzer written in Go

  • Project mention: Show HN: Pfuzz, a web fuzzer following the Unix philosophy | news.ycombinator.com | 2024-01-21

    It seems to me like "fuzzing" has a different meaning in web application penetration testing. Here, "fuzzer" is a term for tools that just generate different requests using wordlists, without adding any mutations. For example, the two popular web fuzzers ffuf [1] and wfuzz [2] also call themselves fuzzers.

    I see how reusing a term for a different concept is bothersome, but I feel like "fuzzer" is the term that people learning about bug bounty hunting are familiar with.

    [1] https://github.com/ffuf/ffuf

    [2] https://wfuzz.readthedocs.io/en/latest/

  • dirsearch

    Web path scanner

  • Project mention: Looking for some help with this Python package | /r/learnpython | 2023-08-19

    I am new to Python. With the help of several users (thanks u/Diapolo10 and u/shiftybyte) I've been able to install Python and the dirsearch package. Dirsearch (https://github.com/maurosoria/dirsearch) allows for checking website paths with a wordlist. For example, I have a wordlist file with words like "dog", "cat", "bird", etc. and I want to check the validity of those words as extensions on a website. Something like "example.com/bird", "example.com/cat", etc. I have a test wordlist in the same directory as dirsearch, but I am confused on how to proceed with the commands. I want to have it check my wordlist as extensions on the example.com website and then save output on if the webpath is valid or not. Just need a little bit of help.

  • syzkaller

    syzkaller is an unsupervised coverage-guided kernel fuzzer

  • Project mention: Automated Unit Test Improvement Using Large Language Models at Meta | news.ycombinator.com | 2024-02-17

    https://arxiv.org/abs/2402.09171 :

    > This paper describes Meta's TestGen-LLM tool, which uses LLMs to automatically improve existing human-written tests. TestGen-LLM verifies that its generated test classes successfully clear a set of filters that assure measurable improvement over the original test suite, thereby eliminating problems due to LLM hallucination. [...] We believe this is the first report on industrial scale deployment of LLM-generated code backed by such assurances of code improvement.

    Coverage-guided unit test improvement might [with LLMs] be efficient too.

    https://github.com/topics/coverage-guided-fuzzing :

    - e.g. Google/syzkaller is a coverage-guided syscall fuzzer: https://github.com/google/syzkaller

    - Gitlab CI supports coverage-guided fuzzing: https://docs.gitlab.com/ee/user/application_security/coverag...

    - oss-fuzz, osv

    Additional ways to improve tests:

    Hypothesis and pynguin generate tests from type annotations.

    There are various tools to generate type annotations for Python code;

    > pytype (Google) [1], PyAnnotate (Dropbox) [2], and MonkeyType (Instagram) [3] all do dynamic / runtime PEP-484 type annotation type inference [4] to generate type annotations. https://news.ycombinator.com/item?id=39139198

    icontract-hypothesis generates tests from icontract DbC Design by Contract type, value, and invariance constraints specified as precondition and postcondition @decorators:

  • AFLplusplus

    The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!

  • Project mention: Decoding C/C++ Compilation Process: From Source Code to Binary | /r/cpp | 2023-06-08

    It could be cool to see some explanation of CFG representations or GIMPLE/LLVM here. GCC/Clang can print those out as text, or just compile to that code and not go lower if you ask them to. There are some interesting things you can do with bytecode, like Rellic, AFL++, or optview2. It seems a bit reductive imo to go straight from high-level code to disassembly without at all examining any layers in between. Especially if we use something like Polygeist or CIR.

  • echidna

    Ethereum smart contract fuzzer

  • Project mention: Echidna 2.2.0 released with improvements in fuzzing performance and UX | /r/DeFiSecurity | 2023-05-23
  • Fuzzing101

    A step-by-step fuzzing tutorial. A GitHub Security Lab initiative

  • Project mention: Gaining kernel code execution on an MTE-enabled Pixel 8 | news.ycombinator.com | 2024-03-18

    This work comes from GitHub's Security Lab https://securitylab.github.com/

  • wtf

    wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows and Linux user-mode (experimental!). (by 0vercl0k)

  • cats

    CATS is a REST API Fuzzer and negative testing tool for OpenAPI endpoints. CATS automatically generates, runs and reports tests with minimum configuration and no coding effort. Tests are self-healing and do not require maintenance. (by Endava)

  • Project mention: Ask HN: What Underrated Open Source Project Deserves More Recognition? | news.ycombinator.com | 2024-03-07
  • prjxray

    Documenting the Xilinx 7-series bit-stream format.

  • Project mention: AMD Proposes an FPGA Subsystem User-Space Interface for Linux | news.ycombinator.com | 2024-01-04
  • openapi-fuzzer

    Black-box fuzzer that fuzzes APIs based on OpenAPI specification. Find bugs for free!

  • monsoon

    Fast HTTP enumerator

  • HawkScan

    Security Tool for Reconnaissance and Information Gathering on a website. (python 3.x)

  • EvoMaster

    The first open-source AI-driven tool for automatically generating system-level test cases (also known as fuzzing) for web/enterprise applications. Currently targeting whitebox and blackbox testing of Web APIs, like REST, GraphQL and RPC (e.g., gRPC and Thrift).

  • Project mention: EvoMaster 2.0: A Fuzzer for generating JUnit tests for REST, GraphQL and RPC APIs | /r/java | 2023-10-13

    Open-source on GitHub at: https://github.com/EMResearch/EvoMaster

  • fuzzcheck-rs

    Modular, structure-aware, and feedback-driven fuzzing engine for Rust functions

  • Reconator

    Automated Recon for Pentesting & Bug Bounty

  • FormatFuzzer

    FormatFuzzer is a framework for high-efficiency, high-quality generation and parsing of binary inputs.

  • firefly

    Black box fuzzer for web applications (by Brum3ns)

  • fuzzuf

    Fuzzing Unification Framework

  • sharpfuzz

    AFL-based fuzz testing for .NET

  • grammarinator

    ANTLR v4 grammar-based test generator

  • candy

    🍭 A sweet, functional programming language that is robust, minimalistic, and expressive. (by candy-lang)

  • Project mention: Candy – a minimalistic functional programming language | news.ycombinator.com | 2024-02-24

    We're using some unstable features (hence nightly), and I just updated our Rust version on Thursday (https://github.com/candy-lang/candy/pull/948) because the previous one (nightly-2023-07-21) was too old for a dependency. So we're not usually using such recent Rust versions.

    Thanks for letting us know about the binary size! We previously enabled debug info in release builds to use flamegraphs, but actually don't need it for most builds. I just disabled it (https://github.com/candy-lang/candy/pull/950), and the binary size went down from 177.4 MB to 14.2 MB for me!

    The CLI should work, or at least we're using it regularly when working on Candy. Can you please share your OS and the command and output, maybe in a GitHub issue? We definitely need to improve our documentation and the CLI's error handling. Does running `cargo run --release -- run ./packages/Examples/helloWorld.candy` from the repository root work for you?

    The VS Code extension also uses the CLI internally since that exposes a language server, so it basically runs `cargo run --release -- lsp`. But we also have to improve the stability here.

  • vaf

    Vaf is a cross-platform very advanced and fast web fuzzer written in nim

  • frelatage

    Coverage-based fuzzer for python applications

NOTE: The open-source projects on this list are ordered by number of GitHub stars. The number of mentions indicates repo mentions in the last 12 months or since we started tracking (Dec 2020).

Fuzzer related posts

  • Show HN: Pfuzz, a web fuzzer following the Unix philosophy

    6 projects | news.ycombinator.com | 21 Jan 2024
  • Fast web fuzzer written in Go

    1 project | news.ycombinator.com | 24 Dec 2023
  • Looking for some help with this Python package

    1 project | /r/learnpython | 19 Aug 2023
  • JQF Genetic Algorithm

    1 project | /r/fuzzing | 23 Jun 2023
  • Is there a Linux user-space program that causes execution through every kernel function path and context?

    1 project | /r/kernel | 5 Jun 2023
  • Those scary warnings of juice jacking in airports and hotels? They’re nonsense

    1 project | /r/technology | 1 May 2023
  • Why is my fuzzer running so slow?

    1 project | /r/rust | 1 May 2023

Index

What are some of the best open-source Fuzzer projects? This list will help you:

Project Stars
1 ffuf 11,486
2 dirsearch 11,271
3 syzkaller 5,143
4 AFLplusplus 4,646
5 echidna 2,564
6 Fuzzing101 2,269
7 wtf 1,351
8 cats 1,097
9 prjxray 736
10 openapi-fuzzer 516
11 monsoon 444
12 HawkScan 434
13 EvoMaster 437
14 fuzzcheck-rs 423
15 Reconator 405
16 FormatFuzzer 384
17 firefly 371
18 fuzzuf 352
19 sharpfuzz 351
20 grammarinator 328
21 candy 313
22 vaf 307
23 frelatage 230
