{"id":13649613,"url":"https://github.com/fuzzstati0n/fuzzgoat","last_synced_at":"2025-04-22T14:32:06.874Z","repository":{"id":37854208,"uuid":"93589072","full_name":"fuzzstati0n/fuzzgoat","owner":"fuzzstati0n","description":"A vulnerable C program for testing fuzzers. ","archived":false,"fork":false,"pushed_at":"2022-11-10T08:58:34.000Z","size":26,"stargazers_count":190,"open_issues_count":2,"forks_count":65,"subscribers_count":7,"default_branch":"master","last_synced_at":"2024-11-10T00:33:09.824Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/fuzzstati0n.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-06-07T03:35:34.000Z","updated_at":"2024-10-03T05:12:53.000Z","dependencies_parsed_at":"2022-07-12T17:02:42.712Z","dependency_job_id":null,"html_url":"https://github.com/fuzzstati0n/fuzzgoat","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fuzzstati0n%2Ffuzzgoat","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fuzzstati0n%2Ffuzzgoat/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fuzzstati0n%2Ffuzzgoat/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fuzzstati0n%2Ffuzzgoat/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/fuzzstati0n","download_url":"https://codeload.github.com/fuzzstati0n/fuzzgoat/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250259109,"owners_count":21401041,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-02T02:00:21.263Z","updated_at":"2025-04-22T14:32:01.857Z","avatar_url":"https://github.com/fuzzstati0n.png","language":"C","funding_links":[],"categories":["Vulnerable Applications","Uncategorized","Resources"],"sub_categories":["Essential Tools","Firmware","By Purpose"],"readme":"Welcome to Fuzzgoat\n===================\n\nThis C program has been deliberately backdoored with several memory corruption bugs to test the efficacy of fuzzers and other analysis tools. Each vulnerability is clearly commented in fuzzgoat.c. Under input-files/ are files to trigger each vulnerability.\n\nCAUTION: Do not copy any of this code - there is evil stuff in this repo.\n\n\nInstall AFL (American Fuzzy Lop)\n------------------------\n\nWhile Fuzzgoat can be attacked using any fuzzer, we like AFL. To install it:\n\n1. Download AFL: [http://lcamtuf.coredump.cx/afl/releases/afl-latest.tgz](http://lcamtuf.coredump.cx/afl/releases/afl-latest.tgz)\n\n2. Build AFL with `make install`\n\n3. See the AFL quick start guide for more info: [http://lcamtuf.coredump.cx/afl/QuickStartGuide.txt](http://lcamtuf.coredump.cx/afl/QuickStartGuide.txt) \n\n\nBuilding Fuzzgoat\n----------\n\nFuzzgoat builds with make. With afl-gcc in your PATH:\n\n`make`\n\n\nRunning AFL\n--------------------------\n\nWith afl-fuzz in your PATH and a seed file in a directory called in/\n\n`afl-fuzz -i in -o out ./fuzzgoat @@` \n\nor simply:\n\n`make afl`\n\n\nThank You\n---------\nContributor: Joseph Carlos \n\nFuzzgoat was adapted from udp/json-parser - we chose it because:\n\n* Its not too big or cumbersome - ~1200 lines of C yet lots of paths for a fuzzer to dig into.\n* Performance: its very fast at ~1500 execs per sec per core.\n* The code is clean and very readable.\n\nFuzz Stati0n would like to thank the creators and maintainers of udp/json-parser. \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffuzzstati0n%2Ffuzzgoat","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffuzzstati0n%2Ffuzzgoat","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffuzzstati0n%2Ffuzzgoat/lists"}