fuzzing-tutorial
Curated list of classic fuzzing books, papers on fuzzing from the top information security conferences over the years, commonly used fuzzing tools, and resources that help us use fuzzers easily.
https://github.com/liyansong2018/fuzzing-tutorial
1 Books

2 Articles&Papers

Others
- The Art, Science, and Engineering of Fuzzing: A Survey
- Fuzzing: a survey
- Evaluating Fuzz Testing, 2018
- Fuzzing: Art, Science, and Engineering, 2018
- Fuzzing: State of the art, 2018
- Source-and-Fuzzing
- Effective File Format Fuzzing – Thoughts, Techniques and Results - ... Rays IDA Pro and similar software.
- CoLaFUZE: Coverage-Guided and Layout-Aware Fuzzing for Android Drivers
- Better Pay Attention Whilst Fuzzing
NDSS
- DARWIN: Survival of the Fittest Fuzzing Mutators, 2023 - A paper from the TU Darmstadt system security lab (TUDA-SSL) that improves and optimizes AFL's mutation scheduling; the experiments show it finds 66% more security bugs than stock AFL, [open source](https://github.com/TUDA-SSL/DARWIN). Curious why so many software projects and tools are named DARWIN 🐶.
- MobFuzz: Adaptive Multi-objective Optimization in Gray-box Fuzzing
- FirmWire: Transparent Dynamic Analysis for Cellular Baseband Firmware
- DeepGo: Predictive Directed Greybox Fuzzing, 2024 - A predictive directed greybox fuzzing approach that combines historical and predicted path information, using a deep neural network plus reinforcement learning to steer the fuzzer toward target paths and improve testing efficiency. The authors are from the College of Computer Science, National University of Defense Technology.
- EnclaveFuzz: Finding Vulnerabilities in SGX Applications, 2024 - The fuzz targets are applications built on Intel SGX; [open source](https://github.com/vul337/EnclaveFuzz). From Liheng Chen at the Institute of Information Engineering, Chinese Academy of Sciences.
- Large Language Model guided Protocol Fuzzing, 2024 - A protocol fuzzer guided by a large language model, which draws on the LLM's knowledge of the protocol specifications contained in RFC documents; [ChatAFL is open source](https://github.com/ChatAFLndss/ChatAFL). From Ruijie Meng at the National University of Singapore.
- MOCK: Optimizing Kernel Fuzzing Mutation with Context-aware Dependency, 2024 - Captures the state dependencies between system calls to improve the efficiency of Linux syscall fuzzing. A fuzzer for the Linux kernel, [source release pending](https://github.com/m0ck1ng/mock); from Jiacheng Xu at Zhejiang University.
- Predictive Context-sensitive Fuzzing, 2024 - A **novel way of measuring coverage**. Most fuzzers today use edges as the coverage signal; edge coverage records control flow, i.e. which code executed, and ignores the program's internal state. This paper borrows context sensitivity from program analysis as the coverage metric, combining the calling context with edge coverage so that the same edge reached from different call sites counts separately; [open source](https://github.com/eurecom-s3/predictive-cs-fuzzing). From Pietro Borrello at Sapienza University of Rome.
- ReqsMiner: Automated Discovery of CDN Forwarding Request Inconsistencies and DoS Attacks with Grammar-based Fuzzing, 2024 - A fuzzer for inconsistencies in how CDNs forward requests; [open source](https://github.com/Konano/ReqsMiner). From Chao Zhang's group at Tsinghua University.
- ShapFuzz: Efficient Fuzzing via Shapley-Guided Byte Selection, 2024 - A novel scheme for guiding byte-level mutation that optimizes the mutation algorithm; [open source](https://github.com/ShapFuzz/ShapFuzz). Implemented on top of AFL++, adding a new `-w` command-line option. From the Network and Information Security Laboratory at Tsinghua University.
- Assessing the Impact of Interface Vulnerabilities in Compartmentalized Software, 2023 - A fuzzing approach for compartment interface vulnerabilities (CIVs, a concept the authors define: once an application is split into isolated compartments such as sandboxes, the control and data dependencies between its parts are mediated through interfaces, and those interfaces introduce new vulnerabilities). The GitHub documentation is very detailed; [open source](https://github.com/conffuzz/conffuzz). The authors have already fuzzed many programs including Okular, ImageMagick, Apache and exif. The research comes from the University of Manchester.
- FUZZILLI: Fuzzing for JavaScript JIT Compiler Vulnerabilities, 2023 - A fuzzer for JavaScript JIT engines developed by Google's Project Zero team. [Open source](https://github.com/googleprojectzero/fuzzilli).
- No Grammar, No Problem: Towards Fuzzing the Linux Kernel without System-Call Descriptions, 2023 - A tool that fuzzes the kernel without writing the complex system-call descriptions that Syzkaller requires. [FuzzNG is open source](https://github.com/BUseclab/FuzzNG).
- EMS: History-Driven Mutation for Coverage-based Fuzzing
- Context-Sensitive and Directional Concurrency Fuzzing for Data-Race Detection
- datAFLow: Towards a Data-Flow-Guided Fuzzer
- Favocado: Fuzzing the Binding Code of JavaScript Engines Using Semantically Correct Test Cases, 2021
- LOKI: State-Aware Fuzzing Framework for the Implementation of Blockchain Consensus Protocols, 2023 - A method for fuzzing implementations of blockchain consensus protocols; from Tsinghua University, no source release seen.
- OBSan: An Out-Of-Bound Sanitizer to Harden DNN Executables, 2023 - Work from researchers in Hong Kong on fuzzing programs built around deep neural networks. Note that this is not about applying neural networks to fuzzing, but about fuzzing DNN-related applications; [open source](https://github.com/yanzuochen/obsan).
- Semantic-Informed Driver Fuzzing Without Both the Hardware Devices and the Emulators
- WINNIE : Fuzzing Windows Applications with Harness Synthesis and Fast Cloning, 2021 - gatech/winnie) system, consisting of two components: a generator that automatically synthesizes harnesses from binaries, and an efficient Windows fork server. Compared against: WinAFL.
- PGFUZZ: Policy-Guided Fuzzing for Robotic Vehicles, 2021
- Reinforcement Learning-based Hierarchical Seed Scheduling for Greybox Fuzzing, 2021
- HFL: Hybrid Fuzzing on the Linux Kernel - A newer hybrid fuzzing tool for the Linux kernel. According to the authors, HFL achieves 15% and 26% higher code coverage than Moonshine and Syzkaller respectively, and found 20+ kernel vulnerabilities. The tool does not appear to be open source.
- HotFuzz: Discovering Algorithmic Denial-of-Service Vulnerabilities Through Guided Micro-Fuzzing
- Not All Coverage Measurements Are Equal: Fuzzing by Coverage Accounting for Input Prioritization
- PeriScope: An Effective Probing and Fuzzing Framework for the Hardware-OS Boundary
- INSTRIM: Lightweight Instrumentation for Coverage-guided Fuzzing
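As an added illustration of the coverage metric discussed in the Predictive Context-sensitive Fuzzing entry above (this example is written for this page; it is not code from the fuzzing-tutorial list, from AFL, or from the paper's artifact), the following C program emulates AFL-style edge coverage next to a calling-context-sensitive variant on a synthetic target. The block IDs, the XOR-of-call-site context hash, the two-caller target program and the four inputs are all constructed assumptions chosen so the arithmetic is easy to follow; the real paper's context hashing and instrumentation differ.

```c
/* Added example (not from the fuzzing-tutorial list or the paper's artifact):
 * a minimal emulation of AFL-style edge coverage next to a calling-context-
 * sensitive variant, on a synthetic target. Block/call-site IDs, the XOR
 * context hash and the target program are all constructed for illustration. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAP_SIZE 65536

static uint8_t trace_edge[MAP_SIZE], virgin_edge[MAP_SIZE]; /* per-run / ever-seen */
static uint8_t trace_ctx[MAP_SIZE],  virgin_ctx[MAP_SIZE];
static uint32_t prev_loc; /* plays the role of AFL's __afl_prev_loc */
static uint32_t ctx_hash; /* hash of the active call stack: XOR of call-site IDs (assumption) */

/* Probe emulating what AFL inserts at every basic block. The context-sensitive
 * map mixes the call-stack hash into the edge key, so the same callee edge
 * reached from two callers lands in two different slots. */
static void hit_block(uint32_t cur_loc) {
    uint32_t edge = prev_loc ^ cur_loc;
    trace_edge[edge % MAP_SIZE]++;
    trace_ctx[(edge ^ ctx_hash) % MAP_SIZE]++;
    prev_loc = cur_loc >> 1;
}
static void enter_call(uint32_t site) { ctx_hash ^= site; }
static void leave_call(uint32_t site) { ctx_hash ^= site; }

/* ---- synthetic target: one length check shared by two callers ---- */
static char small_buf[4], large_buf[64];

static int check_len(size_t len) {          /* accepts up to 8 bytes */
    hit_block(0x1000);
    if (len > 8) { hit_block(0x1001); return -1; }
    hit_block(0x1002);
    return 0;
}
static int caller_a(const uint8_t *p, size_t len) {   /* 8 bytes fit large_buf */
    hit_block(0x2100);
    enter_call(0xA1); int rc = check_len(len); leave_call(0xA1);
    if (rc) { hit_block(0x2101); return 0; }
    hit_block(0x2102);
    memcpy(large_buf, p, len);
    return 0;
}
static int caller_b(const uint8_t *p, size_t len) {   /* 5..8 bytes overflow small_buf */
    hit_block(0x3100);
    enter_call(0xB1); int rc = check_len(len); leave_call(0xB1);
    if (rc) { hit_block(0x3101); return 0; }
    hit_block(0x3102);
    if (len > sizeof small_buf) return 1;   /* report the would-be overflow instead of doing it */
    memcpy(small_buf, p, len);
    return 0;
}
static int target(const uint8_t *in, size_t len) {   /* first byte picks the caller */
    prev_loc = 0; ctx_hash = 0;
    hit_block(0x0010);
    if (len == 0) return 0;
    if (in[0] == 'A') return caller_a(in + 1, len - 1);
    if (in[0] == 'B') return caller_b(in + 1, len - 1);
    hit_block(0x0011);
    return 0;
}

/* ---- the fuzzer's side: what has_new_bits() would decide ---- */
static int merge_new(const uint8_t *trace, uint8_t *virgin) {
    int n = 0;
    for (size_t i = 0; i < MAP_SIZE; i++)
        if (trace[i] && !virgin[i]) { virgin[i] = 1; n++; }
    return n;
}
struct summary { int edge_new[4], ctx_new[4], crash_run, edge_total, ctx_total; };

/* Feeds four constructed inputs in order and records, per run, how many
 * bitmap slots each metric sees for the first time. */
static struct summary run_scenario(void) {
    static const char *inputs[4] = { "A123456789", "A12345", "B123456789", "B12345" };
    struct summary s = {0};
    s.crash_run = -1;
    memset(virgin_edge, 0, sizeof virgin_edge);
    memset(virgin_ctx, 0, sizeof virgin_ctx);
    for (int i = 0; i < 4; i++) {
        memset(trace_edge, 0, sizeof trace_edge);
        memset(trace_ctx, 0, sizeof trace_ctx);
        if (target((const uint8_t *)inputs[i], strlen(inputs[i])) && s.crash_run < 0) s.crash_run = i;
        s.edge_new[i] = merge_new(trace_edge, virgin_edge);
        s.ctx_new[i]  = merge_new(trace_ctx, virgin_ctx);
        s.edge_total += s.edge_new[i];
        s.ctx_total  += s.ctx_new[i];
    }
    return s;
}

int main(void) {
    struct summary s = run_scenario();
    for (int i = 0; i < 4; i++)
        printf("run %d: new edge slots=%d, new context-sensitive slots=%d\n", i, s.edge_new[i], s.ctx_new[i]);
    printf("total: edge=%d ctx=%d, overflow condition first reached in run %d\n", s.edge_total, s.ctx_total, s.crash_run);
    return 0;
}
```

Compile with `cc -std=c99 -o cov cov.c && ./cov`. In the last run the callee's accept branch (block 0x1002) under caller B adds nothing to plain edge coverage, because the same edge was already recorded under caller A; the context-sensitive map counts it as new, which is exactly the signal that tells the fuzzer the shared check is now being exercised from a different, more dangerous call site. The price is visible in the same code: mixing context bits into the key spreads the same program over more slots of a fixed 64 KiB map, so collisions become more likely, which is why the paper's "predictive" part exists to decide where context sensitivity is worth paying for.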