{"id":18508436,"url":"https://github.com/ossf/fuzz-introspector","last_synced_at":"2025-05-15T01:06:35.727Z","repository":{"id":37011276,"uuid":"435621409","full_name":"ossf/fuzz-introspector","owner":"ossf","description":"Fuzz Introspector -- introspect, extend and optimise fuzzers","archived":false,"fork":false,"pushed_at":"2025-05-06T23:12:02.000Z","size":9023,"stargazers_count":414,"open_issues_count":98,"forks_count":68,"subscribers_count":19,"default_branch":"main","last_synced_at":"2025-05-06T23:19:36.764Z","etag":null,"topics":["fuzz-testing","fuzzing","security","security-research","testing","vulnerability-analysis"],"latest_commit_sha":null,"homepage":"https://fuzz-introspector.readthedocs.io","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ossf.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2021-12-06T19:27:40.000Z","updated_at":"2025-05-06T23:12:07.000Z","dependencies_parsed_at":"2023-12-23T18:42:27.070Z","dependency_job_id":"4115c43f-8e66-4ded-8338-77e0635aef09","html_url":"https://github.com/ossf/fuzz-introspector","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ossf%2Ffuzz-introspector","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ossf%2Ffuzz-introspector/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ossf%2Ffuzz-introspector/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ossf%2Ffuzz-introspector/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ossf","download_url":"https://codeload.github.com/ossf/fuzz-introspector/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254254041,"owners_count":22039792,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["fuzz-testing","fuzzing","security","security-research","testing","vulnerability-analysis"],"created_at":"2024-11-06T15:14:21.834Z","updated_at":"2025-05-15T01:06:30.717Z","avatar_url":"https://github.com/ossf.png","language":"Python","readme":"[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/ossf/fuzz-introspector/badge)](https://api.securityscorecards.dev/projects/github.com/ossf/fuzz-introspector)\n\n# Fuzz introspector\n\nFuzz introspector is a tool to help fuzzer developers to get an understanding of their fuzzer’s performance \nand identify any potential blockers. Fuzz introspector aggregates the fuzzers’ functional data like coverage,\nhit frequency, entry points, etc to give the developer a birds eye view of their fuzzer. This helps with \nidentifying fuzz bottlenecks and blockers and eventually helps in developing better fuzzers.\n\nFuzz-introspector aims to improve fuzzing experience of a project by guiding on whether you should:\n- introduce new fuzzers to a fuzz harness\n- modify existing fuzzers to improve the quality of your harness.\n\n## Indexing OSS-Fuzz projects\n\n[Open Source Fuzzing Introspection](https://introspector.oss-fuzz.com) provides introspection capabilities to [OSS-Fuzz](https://github.com/google/oss-fuzz) projects and is powered by Fuzz Introspector. This page gives macro insights into the fuzzing of open source projects.\n\nOn this page you'll see a list of all the projects that are currently analysed by Fuzz Introspector:\n- [Table of projects with Fuzz Introspector analysis](https://introspector.oss-fuzz.com/projects-overview)\n- Examples, with links in profile to latest Fuzz Introspector analysis:\n  - [Liblouis / C](https://introspector.oss-fuzz.com/project-profile?project=liblouis)\n  - [htslib / C](https://introspector.oss-fuzz.com/project-profile?project=htslib)\n  - [brotli / C++](https://introspector.oss-fuzz.com/project-profile?project=brotli)\n  - [idna / python](https://introspector.oss-fuzz.com/project-profile?project=idna)\n  - [junrar / java](https://introspector.oss-fuzz.com/project-profile?project=junrar)\n\n\n## Docs and demonstrations\n\nFuzz Introspector is build, tested and run with Python3.11. Other versions may\nwork, but they are not officially supported.\n\nThe main Fuzz Introspector documentation is available here: https://fuzz-introspector.readthedocs.io This documentation includes user guides, OSS-Fuzz instructions, tutorials, development docs and more.\nAdditionally, there is more information:\n- [Video demonstration](https://www.youtube.com/watch?v=cheo-liJhuE)\n- [List of Case studies](doc/CaseStudies.md)\n- [Screenshots](doc/ExampleOutput.md)\n- [Feature list](doc/Features.md)\n- Try yourself:\n  - [Use with OSS-Fuzz](oss_fuzz_integration#build-fuzz-introspector-with-oss-fuzz) (Recommended)\n  - [Use without OSS-Fuzz](doc/LocalBuild.md)\n\n## Architecture\nThe workflow of fuzz-introspector can be visualised as follows:\n![Functions table](/doc/img/fuzz-introspector-architecture.png)\n\nA more detailed description is available in [doc/Architecture](/doc/Architecture.md)\n\n## Contribute\n### Code of Conduct\nBefore contributing, please follow our [Code of Conduct](CODE_OF_CONDUCT.md).\n\n### Preparing the PR for CI\n\nYou can run the `ci_checks.sh` script to run the linting and api tests that are\nrun during CI. Make sure to activate the Python virtual environment as it is\nnot done by the script to allow more flexibility for the local dev setup.\n\nThe commit message **needs** to contain a signoff line with your data, this is\nsupported by Git see [here](https://git-scm.com/docs/git-commit#Documentation/git-commit.txt---signoff).\n\n### Connect with the Fuzzing Community\nIf you want to get involved in the Fuzzing community or have ideas to chat about, we discuss\nthis project in the\n[OSSF Security Tooling Working Group](https://github.com/ossf/wg-security-tooling)\nmeetings.\n\nMore specifically, you can attend Fuzzing Collaboration meeting (monthly on\nthe first Tuesday 10:30am - 11:30am PST\n[Calendar](https://calendar.google.com/calendar?cid=czYzdm9lZmhwNWk5cGZsdGI1cTY3bmdwZXNAZ3JvdXAuY2FsZW5kYXIuZ29vZ2xlLmNvbQ),\n[Zoom\nLink](https://zoom.us/j/99960722134?pwd=ZzZqdzY1eG9tMzQxWFI1Z0RhTkUxZz09)).\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fossf%2Ffuzz-introspector","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fossf%2Ffuzz-introspector","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fossf%2Ffuzz-introspector/lists"}