On this page

Fuzzing

Fuzzing 101 is a nice guide.

Links

fluff - Fast web fuzzer written in Go.
Wfuzz - Web application fuzzer.
Building Fast Fuzzers (2019)
How to break everything by fuzz testing (2020) (HN)
AFLSmart - Smart Greybox Fuzzing.
Fuzzing Firefox with WebIDL (2020)
Fuzzit - Helps you integrate Continuous Fuzzing to your C/C++, Java, Go, Rust and Swift projects with your current CI/CD workflow.
rustbuster - Comprehensive Web Fuzzer and Content Discovery Tool.
lain - Fuzzer framework built in Rust.
Fuzzing Raft for Fun and Publication (2015)
Design Draft: First Class Fuzzing in Go
FuzzCon - European Online Conference About Fuzzing. (Videos)
Advanced Fuzzing: Compare shattering (2020)
The Relevance of Classic Fuzz Testing: Have We Solved This One? (2020)
OneFuzz - Self-hosted Fuzzing-As-A-Service platform.
Let’s build a high-performance fuzzer with GPUs (2020) (HN)
The Fuzzing Book - Tools and Techniques for Generating Software Tests. (Code)
kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels (2017)
libxdc (eXtremely fast DeCoder) - Aims to be the best Intel-PT decoding library for fuzzing purposes.
Nautilus - Coverage guided, grammar based fuzzer.
Redqueen - Fuzzing with Input-to-State Correspondence.
REST API Fuzz Testing (RAFT) - Self hosted REST API Fuzzing-As-A-Service platform.
Hyper-Cube: High-Dimensional Hypervisor Fuzzing (2020)
Atheris - Coverage-Guided, Native Python Fuzzer.
FuzzGen - Tool for automatically synthesizing fuzzers for complex libraries in a given environment.
jdam - Structure-aware JSON fuzzing.
RESTler - First stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
FuzzOS (2020) - Operating system which is designed specifically for fuzzing.
GUSTAVE - Embedded OS kernel fuzzer.
Jackalope - Customizable, distributed, coverage-guided fuzzer that is able to work with black-box binaries.
kAFL - Fuzzer for full VM kernel/driver targets.
Snapandgo - {golang, ptrace, snapshot}-based fuzzer.
Honggfuzz - Security oriented, feedback-driven, evolutionary, easy-to-use fuzzer with interesting analysis options. (Web)
How to Spot Good Fuzzing Research (2018)
Browser fuzzing at Mozilla (2021) (HN)
Fuzz me wrong – How QuickCheck destroyed my favorite theory (HN)
Fuzzing Forum - Tutorials, examples, discussions, research proposals, and other resources related to fuzzing.
dharma - Generation-based, context-free grammar fuzzer.
Lessons from Fuzzing a Compiler for a Year (2021)
SQLfuzz - Simple SQL table fuzzing.
Tavor - Generic fuzzing and delta-debugging framework.
What Is Fuzz Testing? (2021) (HN)
An Empirical Study of OSS-Fuzz Bugs (2021)
Coverage Guided, Property Based Testing
Static Mocking vs. Mocking with Fuzz Data (Embedded) (2021)
Awesome Fuzzing
LibAFL - Advanced Fuzzing Library - Slot your own fuzzers together and extend their features using Rust.
ssdeep - Fuzzy hashing API and fuzzy hashing tool.
Fuzzinator - Random Testing Framework.
rfuzz - Coverage-directed fuzzing for RTL research platform. (Paper)
The Use of Likely Invariants as Feedback for Fuzzers
Random Sampling of Strings from Context-Free Grammar (2021)
Tough Fuzzer - Obstacle course for go-fuzz composed of a series of small code samples which encapsulate the most common obstacles to code-coverage the fuzzer will encounter.
gramfuzz - Grammar-based fuzzer that lets one define complex grammars to model text and binary data formats.
GOFUZZ - Fast web fuzzer which takes in URL as input and test the URL for different set of inputs provided by the user.
The Challenges of Fuzzing 5G Protocols (2021) (Lobsters)
Nyx-Net: Network Fuzzing with Incremental Snapshots (2021)
ClusterFuzzLite - Simple continuous fuzzing that runs in CI.
Revizor - Microarchitectural fuzzer. Searches for microarchitectural bugs in CPUs.
OpenAPI fuzzer - Fuzzing APIs based on OpenAPI specification. (HN)
FuzzBench - Fuzzer Benchmarking As a Service. (Docs)
Blacksmith Rowhammer Fuzzer - Crafts novel non-uniform Rowhammer access patterns based on the concepts of frequency, phase, and amplitude.
Fuzzing - Tool set for fuzz and stress testing your functions.
Recent Papers Related To Fuzzing
FormatFuzzer - Framework for high-efficiency, high-quality generation and parsing of binary inputs.
fuzzuf - Fuzzing Unification Framework.
BINSEC - Open-source toolset to help improve software security at the binary level.
bun - Tool for integrating fuzzer-based tests into a conventional CI pipeline.
Nyx: Greybox Hypervisor Fuzzing using Fast Snapshots and Affine Types (2021)
Fuzz introspector - Tool to help fuzzer developers to get an understanding of their fuzzer’s performance and identify any potential blockers.
Stateful Model-Based Database Fuzzing (2022)
FirmWire - Full-system baseband firmware emulation platform for fuzzing, debugging, and root-cause analysis of smartphone baseband firmwares.
Frelatage - Coverage-based Python fuzzing library which can be used to fuzz python code.
Banana Fuzzer - Modulable, loop based, poc gen, code cov, platform agnostic, race oriented.
Awesome Grammar Fuzzing
sfuzz - JIT compiler / Fuzzer.
Effective Seed Scheduling for Fuzzing with Graph Centrality Analysis (2022) (Code)
Awesome Directed Fuzzing
Why fuzzing with emulators is amazing
Fuzzing 101 - Step by step fuzzing tutorial. A GitHub Security Lab initiative.
DeepState - Unit test-like interface for fuzzing and symbolic execution.
Variation of american fuzzy lop for testing compilers
Centipede - Distributed fuzzing engine.
Fuzzing rust-minidump for Embarrassment and Crashes - Part 2 (2022) (Lobsters)
Fuzz Map - GUI fuzzer, interactive demo. (HN)
Frameshifter - Grammar-based HTTP/2 fuzzer with mutation ability.
czz - Whole-program, scriptable, multi-language, coverage-guided fuzzer.
Jit-Picking: Differential Fuzzing of JavaScript Engines (2022)
Hacking TMNF: Fuzzing the game server (2022)
Curl-Fuzzer - Quality assurance testing for the curl project.
How Fuzzy are Your Fuzzers? (2022)
From Fuzzing to Proof: Using Kani with the Bolero Property-Testing Framework (2022) (Lobsters)
Hyperpom - Coverage-guided mutation-based fuzzing framework built on top of the Apple Silicon Hypervisor.
FTZZ - File Tree Fuzzer creates a pseudo-random directory hierarchy filled with some number of files.
AFLNet - Greybox Fuzzer for Network Protocols.
Firefly - Black box fuzzer for web applications.
autofz: Automated Fuzzer Composition at Runtime (2023)
Random Fuzzy Thoughts (2023)
ziggy - Fuzzer manager for Rust projects.
tree-crasher - Easy-to-use grammar-based black-box fuzzer.

Genomics

Immunology

Startups

AWS

Serverless computing

Build systems

Computer vision

Algorithms

Formal verification

Blockchain

Figma

Message queue

Remote Procedure Calls

Psychedelics

Lysergamides

Tryptamines

Renewable energy

CSS

Game development

Game engines

CPU

Nutrition

Drinks

2018

2019

2020

2021

2022

Alfred

Keyboard Maestro

Xcode

Neural networks

Linear algebra

Logic

Automated theorem proving

Mathematical optimization

Statistics

Type Theory

Diseases

Music production

GraphQL

Internet of things

Peer to peer

VPN

GitHub

Containers

Kubernetes

iOS

Linux

Nix

Electrical engineering

Quantum physics

Functional programming

Interactive computing

Software testing

Version control

C

Clojure

C++

Dart

Elixir

Elm

Go

Go libraries

Java

JavaScript

JS libraries

React

Julia

Kotlin

Lisp

Nim

Objective C

OCaml

Processing

Prolog

Python

Python libraries

R language

ReasonML