https://github.com/alphaseclab/fuzzing-stuff
Resources About Fuzzing, For Multiple Platforms And All Popular Fuzzers. 500+ Open Source Tools Sorted By Star Count, 800+ Blog Posts Sorted By Publish Time.
afl american-fuzzy-lop fuzzing go-fuzz libfuzzer oss-fuzz peach syzkaller winafl
Last synced: 4 months ago
- Host: GitHub
- URL: https://github.com/alphaseclab/fuzzing-stuff
- Owner: alphaSeclab
- Created: 2020-02-05T04:04:36.000Z (over 6 years ago)
- Default Branch: master
- Last Pushed: 2020-02-05T04:26:25.000Z (over 6 years ago)
- Last Synced: 2025-07-11T15:29:16.080Z (12 months ago)
- Topics: afl, american-fuzzy-lop, fuzzing, go-fuzz, libfuzzer, oss-fuzz, peach, syzkaller, winafl
- Size: 122 KB
- Stars: 242
- Watchers: 11
- Forks: 70
- Open Issues: 0
Metadata Files:
- Readme: Readme.md
- Changelog: history/Fuzzing_20200205121327.json
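# All collection projects:
- [All collected open-source tools: sec-tool-list](https://github.com/alphaSeclab/sec-tool-list): more than 21K, in both Markdown and JSON formats
- [Security resource collection repos](https://github.com/alphaSeclab/awesome-security-collection): 1000+ GitHub repos collecting security resources of all kinds
- [Reverse engineering resources for all platforms](https://github.com/alphaSeclab/awesome-reverse-engineering):
  - Windows platform security: PE/DLL/DLL-Injection/Dll-Hijack/Dll-Load/UAC-Bypass/Sysmon/AppLocker/ETW/WSL/.NET/Process-Injection/Code-Injection/DEP/Kernel/...
  - Linux security: ELF/...
  - macOS/iXxx security: Mach-O/Jailbreak/LLDB/XCode/...
  - Android security: HotFix/XPosed/Pack/Unpack/Emulator/Obfuscate
  - Well-known tools: IDA/Ghidra/x64dbg/OllyDbg/WinDBG/CuckooSandbox/Radare2/BinaryNinja/DynamoRIO/IntelPin/Frida/QEMU/...
- [Offensive cyber-security resources](https://github.com/alphaSeclab/awesome-cyber-security): vulnerabilities/penetration testing/IoT security/data exfiltration/Metasploit/BurpSuite/KaliLinux/C&C/OWASP/AV evasion/CobaltStrike/reconnaissance/OSINT/social engineering/passwords/credentials/threat hunting/Payload/WifiHacking/wireless attacks/post-exploitation/privilege escalation/UAC bypass/...
- [Network-related security resources](https://github.com/alphaSeclab/awesome-network-stuff):
  - Network communication: proxy/SS/V2ray/GFW/reverse proxy/tunnel/VPN/Tor/I2P/...
  - Network attacks: man-in-the-middle/PortKnocking/...
  - Network analysis: sniffing/protocol analysis/network visualization/network analysis/network diagnostics, etc.
- [Open-source RATs and malicious RAT analysis reports](https://github.com/alphaSeclab/awesome-rat): open-source RAT tools: Windows/Linux/macOS/Android; analysis reports on RAT malware, etc.
- [Webshell tools and analysis/usage articles](https://github.com/alphaSeclab/awesome-webshell): Webshell resource collection, including 150 GitHub projects and about 200 articles
- [Forensics tools and articles](https://github.com/alphaSeclab/awesome-forensics): nearly 300 open-source forensics tools, nearly 600 forensics-related articles
- [Honeypot resources](https://github.com/alphaSeclab/awesome-honeypot): 250+ open-source honeypot tools, 350+ honeypot-related articles
- [Burp Suite resources](https://github.com/alphaSeclab/awesome-burp-suite): 400+ open-source Burp plugins, 500+ Burp-related articles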
# Fuzzing
- 500+ open-source tools, 800+ blog posts/papers/videos
- [English Version](https://github.com/alphaSeclab/fuzzing-stuff/blob/master/Readme_en.md)
# Table of Contents
- [Platforms](#ba225775cc84ad50fc4eef4d9f59a810)
- [Windows](#c0b0c2ea9d7e132704d6a373ec0777f2)
- [(15) Posts](#5827dec9f50e5dd3a22a0acf98b93601)
- [Hyper-V](#83c2230545ef765defbad18446f0a8ce)
- [(2) Posts](#13c876bf34c480ff6cf7dbccaca8ce7b)
- [(1) Tools](#0e21d0d0d09c796d23811aab292fad67)
- [(13) Tools](#9e08b20923c330a8129650bbfff224f3)
- [Linux](#9fb70c8fe99b931fdcc0006b2981b317)
- [(6) Posts](#2298f6a5e7ae3ff71e2b3c407d545f0c)
- [(7) Tools](#bb02040fd55d07f271449793a7f61ac2)
- [VxWorks](#6b2573e715a5a651f0ec62a2c89b660b)
- [(1) Posts](#317ac322ac612651b1ecc5ddd1899107)
- [(1) Tools](#9e5b500ce6bb27da33eb3aab93550b5b)
- [Android](#9d6db0bef350ff9f284d0bec37511ab1)
- [(6) Posts](#f2cb8c9e654af38c2e5946cba02f84a9)
- [(12) Tools](#ca622cf735ca150150e8e46565e90c58)
- [iOS](#7da821872d137c4c215ae35a9f9a4349)
- [(1) Posts](#d9ef9fde4a2d6413a60a7e2d26dbac14)
- [(1) Tools](#8fc7535b23166bb9d9f9881428d3c319)
- [Targets](#4ff70d7465fc1de6cdcc6dec1cbac3f8)
- [USB](#a9fb6e5bf109505b2e461340cf6d0562)
- [(5) Posts](#a009f059f53af5c35246ba124f95aca9)
- [(3) Tools](#3ccffbab722006e35b25e2ffd27a8339)
- [Web](#5cba1f60ec6f71801c2e35583b3860f7)
- [(19) Posts](#050025833cd7923a727168ef605dac7d)
- [XSS](#7316e86a76039b69d55ce75b7ad63806)
- [(4) Posts](#03b47f7b0ab73a892d7f71250d80cd8a)
- [(8) Tools](#f63b395f03487b306c1c3a8244495d60)
- [(23) Tools](#0d57aabd24f957b8aa1d0c7f0b56a9a5)
- [Kernel](#efc729aa785c9ba06d8d163205935a39)
- [(12) Posts](#1c2e42bde10e3f4be917db4e5edca877)
- [(7) Tools](#1b600d6d9e33544805ef6e099b89f7d2)
- [Browser](#8e9bef8a7336c337158f90ca6ac15b8e)
- [(8) Posts](#0ad896e0889f3bb09a491fe52e7a2ab4)
- [(5) Tools](#ce8c3714cbad149ea5db73a949bc5632)
- [Network](#de288219de0676bd92c9303215697f73)
- [(17) Tools](#7453e83782a870110746d730a42c88e5)
- [(6) Posts](#06d21501e9332b551af531192ad96d6f)
- [Burp](#5db847ee269963713f3a574d2d932396)
- [(6) Posts](#d0e176218f3a4b67a7c4767bca2a57e8)
- [(6) Tools](#c36d071cfd6f87b102a9ef787818a7d1)
- [(8) PDF](#e77277da6ff91d966434eb0c5b49466d)
- [JavaScript](#6bfd82396cd4c2b8929ca869ee55afb1)
- [(3) Tools](#11f9a34b3d37bb13b3ad132fd1793519)
- [(1) Posts](#3cce3934ff6d602ecefec2d5d2d1b2fd)
- [Well-known tools](#a49064798ee98ed78bcc8245fa31c64e)
- [AFL](#0c6931f6f85194e565b9bde78e6f4215)
- [(73) Tools](#af55f665958eecd825d0df60530136c7)
- [(95) Posts](#ae52cd288fac548da8d68f12b4c1119d)
- [WinAFL](#1c4df8f0641212cc5a71f96cecc6f9bc)
- [(12) Posts](#54356b3ce4f269eb64c571e298578687)
- [(4) Tools](#97bc87c4d52312cedc91174a8cd12823)
- [TriforceAFL](#65a56cd4b5506ce13a9fefe65897a88c)
- [(1) Posts](#d2c59341002e8d11cd3b5efcd746a892)
- [(3) Tools](#b5fa40e7d958b66b8a8f5360320c4fd9)
- [KAFL](#98831fe112590c5febd3f691e40d5627)
- [(1) Tools](#fe3fa44f4d30c7e5d9a0f5dbcc95b50d)
- [aflsmart](#cdd51078ff8a8fe247f92a612b7449d9)
- [(1) Tools](#bcbb6ae500594351d57c514082025552)
- [(1) Posts](#4fc6a8af588e9b6579281fb4805bc118)
- [libFuzzer](#de5d9138d9dce28fd3d025e1056b6c86)
- [(9) Tools](#44b9d8dc765b278b3d4be21d9d507680)
- [(11) Posts](#c7656aa5e7a10d611b6739057f0e1881)
- [dharma](#308ce75dc1d55114297e084f4424bb2d)
- [(2) Posts](#7ad0646f60d2a4652f1c52af6d44ef08)
- [(1) Tools](#ffadd4bc8e9d8ae7e8311e0ee0becf87)
- [Peach](#ffc1a2418120b476722fed832eb75dff)
- [(19) Posts](#f7a676b24ac65ae2323ef6750c415297)
- [(10) Tools](#8466b2f76463c972468c7e97f14501c2)
- [SPIKE](#cbb96ed45688b2581907a23dd394db7c)
- [(1) Tools](#c5e80e579dc72654af10e5661929b167)
- [(6) Posts](#766f709efaf0c5ba7c38213ee0a08afc)
- [driller](#68c2a6dcaa033aceb5d880a4e0b308ab)
- [(3) Tools](#4bc64b41d4ac89e0f71ee08d0c06930e)
- [syzkaller](#04548bfdaea4001f268435cbcd3ea093)
- [(1) Tools](#da83685be3f757321634d041d4f7e513)
- [(9) Posts](#6636443aab5e2f4a99ef22996006b93f)
- [clusterfuzz](#5ec79a1e74f03bdceb82b1fe108e82df)
- [(1) Tools](#3699011f39726e5d3d9a8c4cd3174752)
- [(2) Posts](#670eb9f38c91ede5db0d7676e03c7114)
- [OSS-Fuzz](#0cb19ae8f141b5f6e23bd7c79742910f)
- [(2) Posts](#414c5025267c01a8eef9c83faa54e9e9)
- [(2) Tools](#4cd90c79274fe3e37a9142f4e727ab46)
- [IFuzzer](#8a98953e8576f2cbfa5068339aaa11ad)
- [(1) Tools](#9516c3382676bfd3275296e7b735be3c)
- [CodeAlchemist](#cc0fbdb7db655d96b71909a2f4c14d09)
- [(2) Posts](#a1c77c642c385403698f40eb9ca5692a)
- [(1) Tools](#cb65a2322a0581c5e97ab31fc94eb9e1)
- [HongFuzz](#7be26e50c44d7babcfd4284948efb061)
- [(2) Tools](#857adf50a5eaea808666bda19c6c5fa0)
- [(11) Posts](#19b38c3982d3e902644aee2d8995a2f3)
- [Echidna](#1a99ead5a63a5f571f2895e65ff37e61)
- [(3) Posts](#6d254ade422517d3a4d48fca8dc660ef)
- [(1) Tools](#176c89d084c705be8c6d716c32f12a10)
- [Applepie](#6afa1277e9e1d0f6fa55488d5b6ce501)
- [(1) Posts](#4e08db4877bbf92070d9de641f226740)
- [(1) Tools](#3f876230ca03e0f444002b3fb310e7c1)
- [autoPwn](#84437b546f221c882ef78fa9eac33c3a)
- [(9) Tools](#589e8e50cdfd74946630cd952c799a5b)
- [(14) Posts](#d7d8d51459a5e98b47cc1b46ae485b0c)
- [go-fuzz](#7ed3059b9b95401ebb581ced6b20ce78)
- [(5) Posts](#fe00ec503190f1552ce3e85adaf3f0fa)
- [(2) Tools](#74310510330283757ff0dfc6948f5487)
- [SSRFmap](#0adb8d197ce9e49ec5da8ef42ec7580a)
- [(1) Posts](#c4326c555dbb8928400fc0364c29b4c6)
- [(2) Tools](#83eb5422c52ada15e746c872f5ffca59)
- [Sulley](#1eb076271df09926466fd1fb2e3b004d)
- [(1) Tools](#8fba82dd4ba5636b03ab6ae8feaea1a6)
- [(14) Posts](#8fb4c745a2d560e99cf508b0afa518da)
- [boofuzz](#3ce9a2d3b55382fba52d41604084e699)
- [(1) Tools](#b6a22b7c530018cfb03e28267f7d0f85)
- [(5) Posts](#a7ce63d2493073625ee944b834637c8b)
- [radamsa](#df4787424734d30ae1a2770fb373b930)
- [(10) Tools](#383b3db53dbae5495384c773017e76ed)
- [(4) Posts](#ceecee8d74b99efb48bda136e569013e)
- [Ffuf](#14865c1f28cd4cb9fa3bd76a280773b8)
- [(1) Tools](#8080688602545fb21df7b94d7cc03c4d)
- [(1) Posts](#a2fe56d3431d30768eb1f81678899755)
- [domato](#009faf20510aa32978e4f9bfd7e8f783)
- [(1) Tools](#ee66a98483d7c3670134cfab28efa441)
- [(1) Posts](#3eae6ff368baff7ce0655da320b3ddfa)
- [fuzzdb](#c915525d68c37bcd0cf9e7d3f3b28612)
- [(5) Tools](#438c97e531560cb170319c89b14f520f)
- [(5) Posts](#b2777dfa36382f17dab0640e0cc14c2e)
- [fuzzbunch](#9c76284dd37297de7ac2e74e5124c4c5)
- [(7) Tools](#7e28d80bd3f4b1e8d7f77e56271f580c)
- [(7) Posts](#cf82fd581083a73dc4aef04130b72806)
- [angora](#4715c2d6616f674e9c549a41c1d960b5)
- [(2) Tools](#0b506c09d2c00f0fd4e44c0f73dc2bed)
- [(3) Posts](#b238f28621f2958d2012f93c20939233)
- [wfuzz](#1f6b4e55e6e2ddb624812c94f41f508e)
- [(1) Tools](#2bc6286bdc936ff8993074d5e4e90240)
- [(7) Posts](#8a56b77c824efbf96dc4d9166ccade52)
- [PBTK](#76a96bc0bc7d4ad75bd96ec45fc57061)
- [(1) Tools](#a934dde3f8a53608bea3da027475435b)
- [(1) Posts](#61d79ed579a652c6a046d9db2a31fc2e)
- [grinder](#1b88125a7791ce5ac6b3a69cf77aef75)
- [(3) Tools](#5f7c3589d245ce41c87ff3381a55521f)
- [(1) Posts](#8b18d1c20980b88f8c1c147ae7141694)
- [Sandsifter](#569ae685f78e229e0ad8a1bdea0b1628)
- [(2) Posts](#a5d3997cfb664cfd60150b93a1294a46)
- [(4) Tools](#35cd93300c1b3849b7a2cf3a83a8b88a)
- [deepstate](#56418ce9cb63cafe88b6b7ba4759bdfd)
- [(5) Tools](#15e760e35ddaa568a7e1adff4334c3a0)
- [(6) Posts](#37dd474873d4e77f787ed4eaf05b57e1)
- [trinity](#ffb074c5cd7a639bb9f09034767eb3c8)
- [(1) Tools](#fbf2c91ed5bb8406c47488ee47331e32)
- [(3) Posts](#1f7beeb4096d8297a4df1ca1c450b8d9)
- [netzob](#782cdd958b166587e6c7c28d57e96e5d)
- [(1) Tools](#655a6ac0c77ca87bbba0e6882c4a30fb)
- [(4) Posts](#d696cf1f780925e8454c756778214118)
- [Others](#fdd537da11bb7943b2e3db2948571897)
- [Books](#bda60cdb74386781d08ef693acc5d197)
- [(1) Books](#5fbefeb903f1b8fa984a341c43e91154)
- [Dictionaries](#5b7b2258fd0aea44c7721f430fd21aad)
- [(7) Tools](#34f611fb294c95e4834c5e7fa976ba6d)
- [Tools](#8fd129e1f5d59fd7dc1522149dbdff1a)
- [(13) Collections](#2f1bb61812cb93775b1520278d2c3c46)
- [(232) Recently added](#0c562526ea5a2b704151dc13c4dbb46f)
- [(2) Others](#8a3d9375211195667479a3a48b6c5cd7)
- [Posts](#5b50c08b05e01ce7d143e2a0bbe27a21)
- [(317) Recently added](#e98a165f5e333fd6d008b0a7bcb0010f)
- [(66) arxiv_cscr](#e8b7eb55f4826f577ba87fd6e51d891a)
- [(57) Youtube](#a8ddcfd649b14610b766c8ba8181d2d4)
***
- [**89** stars][12m] [C++] [fsecurelabs/viridianfuzzer](https://github.com/FSecureLABS/ViridianFuzzer) Kernel driver to fuzz Hyper-V hypercalls
- 2019.02 [mwrinfosecurity] [Ventures into Hyper-V - Fuzzing hypercalls](https://labs.mwrinfosecurity.com/blog/ventures-into-hyper-v-part-1-fuzzing-hypercalls/)
- 2019.02 [f] [Ventures into Hyper-V - Fuzzing hypercalls](https://labs.f-secure.com/blog/ventures-into-hyper-v-part-1-fuzzing-hypercalls/)
- [**170** stars][3m] [C++] [mxmssh/manul](https://github.com/mxmssh/manul) Manul is a coverage-guided parallel fuzzer for open-source and blackbox binaries on Windows, Linux and MacOS
- [**160** stars][10d] [C] [hfiref0x/ntcall64](https://github.com/hfiref0x/ntcall64) Windows NT x64 syscall fuzzer
- [**141** stars][3y] [C] [koutto/ioctlbf](https://github.com/koutto/ioctlbf) Windows Kernel Drivers fuzzer
- [**101** stars][2m] [C++] [trailofbits/sienna-locomotive](https://github.com/trailofbits/sienna-locomotive) A user-friendly fuzzing and crash triage tool for Windows
- [**96** stars][2y] [Py] [sogeti-esec-lab/rpcforge](https://github.com/sogeti-esec-lab/rpcforge) Windows RPC Python fuzzer
- [**88** stars][1y] [C++] [nccgroup/dibf](https://github.com/nccgroup/DIBF) Windows NT ioctl bruteforcer and modular fuzzer
- [**77** stars][3y] [Py] [carlosgprado/brundlefuzz](https://github.com/carlosgprado/brundlefuzz) BrundleFuzz is a distributed fuzzer for Windows and Linux using dynamic binary instrumentation.
- [**63** stars][1y] [C] [ioactive/fuzzndis](https://github.com/ioactive/fuzzndis) A Fuzzer for Windows NDIS Drivers OID Handlers
- [**50** stars][6y] [Py] [debasishm89/iofuzz](https://github.com/debasishm89/iofuzz) A mutation-based user mode (ring3) dumb in-memory Windows Kernel (IOCTL) Fuzzer/Logger. This script attaches itself to any given process, hooks the DeviceIoControl!Kernel32 API and tries to log or fuzz every I/O control code, I/O buffer pointer and I/O buffer length that the process sends to any kernel driver.
- [**48** stars][7y] [C++] [cr4sh/msfontsfuzz](https://github.com/cr4sh/msfontsfuzz) OpenType font file format fuzzer for Windows
- [**47** stars][3y] [silvermoonsecurity/security-misc](https://github.com/silvermoonsecurity/security-misc) Full overview of current vulnerability, exploit, fuzz, mitigation of current major Operating Systems (Windows, macOS, Linux, Android, iOS and so forth) and popular applications
- [**38** stars][2y] [Py] [walkerfuz/pydbgeng](https://github.com/walkerfuz/PyDbgEng) A Python wrapper of debug engines on Windows, Linux or OS X; its only aim is automated fuzzing.
- [**13** stars][2y] [C] [leonwxqian/windows-defender-nscript-loader](https://github.com/leonwxqian/windows-defender-nscript-loader) An exe loader that can load the NScript evaluation engine of Windows Defender/Microsoft Security Essentials. You can fuzz NScript by using this. Project was based on Tavis Ormandy(taviso)'s "Porting Windows Dynamic Link Libraries to Linux" (
- 2019.10 [apriorit] [Finding Vulnerabilities in Closed Source Windows Software by Applying Fuzzing](https://www.apriorit.com/dev-blog/640-qa-fuzzing-for-closed-source-windows-software)
- 2019.07 [4hou] [An in-depth look at Windows graphics library vulnerabilities using reverse engineering and fuzzing](https://www.4hou.com/vulnerable/18889.html)
- 2019.06 [ixiacom] [Investigating Windows Graphics Vulnerabilities: A Reverse Engineering and Fuzzing Story](https://www.ixiacom.com/company/blog/investigating-windows-graphics-vulnerabilities-reverse-engineering-and-fuzzing-story)
- 2017.05 [pediy] [[Translation] Notes on Windows Uniscribe Fuzzing](https://bbs.pediy.com/thread-217331.htm)
- 2017.04 [googleprojectzero] [Notes on Windows Uniscribe Fuzzing](https://googleprojectzero.blogspot.com/2017/04/notes-on-windows-uniscribe-fuzzing.html)
- 2016.11 [360] [A year of Windows kernel font fuzzing](https://www.anquanke.com/post/id/84932/)
- 2016.11 [vexillium] [Slides about my Windows Metafile research (Ruxcon, PacSec) and fuzzing (Black Hat EU) now public](http://j00ru.vexillium.org/?p=2975)
- 2016.11 [vexillium] [Slides about my Windows Metafile research and fuzzing now public](https://j00ru.vexillium.org/2016/11/slides-about-my-windows-metafile-research-and-fuzzing-now-public/)
- 2016.10 [duo] [Remote Fuzzer Monitoring with Windows Error Reporting (WER)](https://duo.com/blog/remote-fuzzer-monitoring-with-windows-error-reporting-wer)
- 2016.07 [googleprojectzero] [A year of Windows kernel font fuzzing #2: the techniques](https://googleprojectzero.blogspot.com/2016/07/a-year-of-windows-kernel-font-fuzzing-2.html)
- 2016.06 [googleprojectzero] [A year of Windows kernel font fuzzing #1: the results](https://googleprojectzero.blogspot.com/2016/06/a-year-of-windows-kernel-font-fuzzing-1_27.html)
- 2014.05 [freebuf] [Using fuzzing techniques in penetration testing (with a Windows installation guide)](http://www.freebuf.com/articles/network/34136.html)
- 2012.10 [securiteam] [Windows Device Driver Fuzzing](https://blogs.securiteam.com/index.php/archives/1914)
- 2012.05 [tekwizz123] [Set Up Your Windows XP for Fuzzing](http://tekwizz123.blogspot.com/2012/05/set-up-your-windows-xp-for-fuzzing.html)
- 2009.09 [microsoft] [Known issue: Using MiniFuzz on Windows XP or Server2003](https://cloudblogs.microsoft.com/microsoftsecure/2009/09/25/known-issue-using-minifuzz-on-windows-xp-or-server2003/)
***
- [**247** stars][9m] [C++] [ucsb-seclab/difuze](https://github.com/ucsb-seclab/difuze) Fuzzer for Linux kernel drivers
- [**153** stars][10m] [Py] [k0retux/fuddly](https://github.com/k0retux/fuddly) Fuzzing and data manipulation framework
- [**92** stars][3y] [Hack] [oracle/kernel-fuzzing](https://github.com/oracle/kernel-fuzzing) Fuzzers for the Linux kernel
- [**70** stars][7y] [JS] [qburst/penq](https://github.com/qburst/penq) PenQ is an open source Linux based penetration testing browser bundle built over Mozilla Firefox. It comes pre-configured with security tools for spidering, advanced web searching, fingerprinting, anonymous browsing, web server scanning, fuzzing, report generating and more.
- [**66** stars][6y] [JS] [owasp/appsec-browser-bundle](https://github.com/owasp/appsec-browser-bundle) The OWASP AppSec Browser Bundle is an open source Linux based penetration testing browser bundle built over Mozilla Firefox. It comes pre-configured with security tools for spidering, advanced web searching, fingerprinting, anonymous browsing, web server scanning, fuzzing, report generating and more.
- [**10** stars][6y] [zsenda/stebb](https://github.com/zsenda/stebb) STeBB (Security Testing Browser Bundle) is an open source Linux based penetration testing browser bundle built over Mozilla Firefox. It comes pre-configured with security tools for spidering, advanced web searching, fingerprinting, anonymous browsing, web server scanning, fuzzing, report generating and more.
- [**8** stars][7y] [C] [rgbkrk/iknowthis](https://github.com/rgbkrk/iknowthis) fuzz testing framework for Linux system calls
- 2019.07 [cloudflare] [A gentle introduction to Linux Kernel fuzzing](https://blog.cloudflare.com/a-gentle-introduction-to-linux-kernel-fuzzing/)
- 2019.05 [freebuf] [Fuzzing Linux binaries without source code](https://www.freebuf.com/articles/system/203302.html)
- 2018.09 [aliyun] [A first attempt at fuzzing on Linux](https://xz.aliyun.com/t/2714)
- 2017.09 [ostechnix] [Pick – A Commandline Fuzzy Search Tool For Linux](https://www.ostechnix.com/pick-commandline-fuzzy-search-tool-linux/)
- 2012.05 [freebuf] [Automated fuzzing framework (BFF) - a fuzzer tool for Linux and Mac OS X](http://www.freebuf.com/sectool/1319.html)
- 2012.01 [crossbowerbt] [In-memory-fuzzing in Linux (with GDB and Python)](https://crossbowerbt.github.io/in_memory_fuzzing.html)
***
- [**13** stars][4y] [Py] [yformaggio/vxfuzz](https://github.com/yformaggio/vxfuzz) Some VxWorks fuzzing examples using Cisco-Kitty and WDBDbg framework
- 2016.01 [knownsec] [The way of VxWorks fuzzing: vulnerability discovery, debugging and exploitation in the VxWorks industrial real-time operating system revealed](http://blog.knownsec.com/2016/01/vxworks-real-time-operation-system-fuzzing/)
***
- [**283** stars][4y] [Py] [fuzzing/mffa](https://github.com/fuzzing/mffa) Media Fuzzing Framework for Android
- [**218** stars][6m] [HTML] [ajinabraham/droid-application-fuzz-framework](https://github.com/ajinabraham/droid-application-fuzz-framework) Android application fuzzing framework with fuzzers and crash monitor.
- [**111** stars][3y] [Java] [mindmac/intentfuzzer](https://github.com/mindmac/intentfuzzer) A Tool to fuzz Intent on Android
- [**108** stars][5y] [Py] [mit-ll/ll-fuzzer](https://github.com/mit-ll/ll-fuzzer) An automated NFC fuzzing framework for Android devices.
- [**94** stars][29d] [Py] [imtiazkarimik23/atfuzzer](https://github.com/imtiazkarimik23/atfuzzer) "Opening Pandora's Box through ATFuzzer: Dynamic Analysis of AT Interface for Android Smartphones" ACSAC 2019
- [**72** stars][3y] [Py] [antojoseph/droid-ff](https://github.com/antojoseph/droid-ff) Android File Fuzzing Framework
- [**55** stars][5y] [C] [anestisb/melkor-android](https://github.com/anestisb/melkor-android) An Android port of the melkor ELF fuzzer
- [**32** stars][5y] [Py] [jonmetz/androfuzz](https://github.com/jonmetz/androfuzz) A fuzzing utility for Android that focuses on reporting and delivery portions of the fuzzing process
- [**25** stars][6y] [Java] [thypon/androidfuzz](https://github.com/thypon/androidfuzz) JavaFuzz 4 Android
- [**20** stars][11m] [Rust] [gamozolabs/slime_tree](https://github.com/gamozolabs/slime_tree) Worst Android kernel fuzzer
- [**6** stars][1y] [Py] [datadancer/hiafuzz](https://github.com/datadancer/hiafuzz) Hybrid Interface Aware Fuzz for Android Kernel Drivers
- [**2** stars][10d] [Java] [oxagast/ansvif_android](https://github.com/oxagast/ansvif_android) An Android frontend for ansvif fuzzing
- 2018.10 [aliyun] [How to build our own Android fuzzer](https://xz.aliyun.com/t/2950)
- 2018.03 [freebuf] [DAFF: an Android application fuzzing framework](http://www.freebuf.com/sectool/164794.html)
- 2016.11 [360] [Fuzzing Android: finding vulnerabilities in Android system components](https://www.anquanke.com/post/id/84979/)
- 2016.09 [deepsec] [DeepSec 2016 Talk: Fuzzing Remote Interfaces for System Services in Android – Alexandru Blanda](http://blog.deepsec.net/deepsec-2016-talk-fuzzing-remote-interfaces-system-services-android-alexandru-blanda/)
- 2016.02 [deepsec] [DeepSec Video: File Format Fuzzing in Android – Giving a Stagefright to the Android Installer](http://blog.deepsec.net/deepsec-video-file-format-fuzzing-in-android-giving-a-stagefright-to-the-android-installer/)
- 2016.01 [freebuf] [Android driver fuzzing with just four parameters! (with the DeathFuzzer tool)](http://www.freebuf.com/sectool/92638.html)
***
- [**7** stars][1y] [C] [ukern-developers/xnu-kernel-fuzzer](https://github.com/ukern-developers/xnu-kernel-fuzzer) Kernel Fuzzer for Apple's XNU, mainly meant for the iOS operating system
- 2012.10 [pediy] [[Original] iOS Hacker's Handbook, chapter 6 - fuzzing iOS applications (part 1)](https://bbs.pediy.com/thread-157234.htm)
***
- [**46** stars][6y] [nccgroup/frisbeelite](https://github.com/nccgroup/frisbeelite) A GUI-based USB device fuzzer
- [**36** stars][2y] [Py] [ernw/dizzy](https://github.com/ernw/dizzy) Network and USB protocol fuzzing toolkit.
- [**33** stars][3y] [Py] [ernw/dizzy-legacy](https://github.com/ernw/dizzy-legacy) Network and USB protocol fuzzing toolkit.
- 2019.08 [4hou] [A summary of existing USB fuzzing techniques (part 2)](https://www.4hou.com/info/news/19413.html)
- 2019.08 [4hou] [A summary of existing USB fuzzing techniques (part 1)](https://www.4hou.com/web/19412.html)
- 2019.07 [davejingtian] [USB Fuzzing: A USB Perspective](https://davejingtian.org/2019/07/17/usb-fuzzing-a-usb-perspective/)
- 2018.12 [ZeroNights] [HC MA - Massive Scale USB Device Driver Fuzz WITHOUT device](https://www.youtube.com/watch?v=7F4yDAHoPgs)
- 2014.06 [quarkslab] [USB Fuzzing Basics: From fuzzing to bug reporting](https://blog.quarkslab.com/usb-fuzzing-basics-from-fuzzing-to-bug-reporting.html)
***
- [**95** stars][1y] [HTML] [nytrorst/xssfuzzer](https://github.com/nytrorst/xssfuzzer) XSS Fuzzer is a tool which generates XSS payloads based on user-defined vectors and fuzzing lists.
- [**38** stars][4y] [C#] [cweb/unicode-hax](https://github.com/cweb/unicode-hax) A library to assist in security-testing Unicode enabled applications during fuzzing, XSS, SQLi, etc.
- [**38** stars][7y] [Py] [matthewdfuller/intellifuzz-xss](https://github.com/matthewdfuller/intellifuzz-xss) An adaptive, intelligent XSS fuzzer that learns how the response is reflected and carefully crafts an XSS payload to match
- [**26** stars][5y] [Go] [rverton/xssmap](https://github.com/rverton/xssmap) (DOM-)XSS fuzzer based on phantomjs and go.
- [**24** stars][1y] [Py] [jiangsir404/xss-sql-fuzz](https://github.com/jiangsir404/xss-sql-fuzz) Burp Suite plugin that adds XSS and SQL payloads to all GP parameters (filtering out special parameters) with one click, for fuzzing
- [**23** stars][4y] [Py] [immunio/immunio-xss-fuzzer](https://github.com/immunio/immunio-xss-fuzzer) Immunio's XSS Fuzzer tool
- [**22** stars][3y] [PHP] [0x584a/fuzzxssphp](https://github.com/0x584a/fuzzxssphp) Reflected XSS scanner written in PHP, supports GET and POST
- [**1** star][16d] [C#] [naivenom/ariadna](https://github.com/naivenom/ariadna) Simple fuzzer for finding SQL and XSS vulnerabilities
- 2019.05 [aliyun] [A brief analysis of a simple, brute-force XSS fuzzing technique](https://xz.aliyun.com/t/4985)
- 2018.12 [freebuf] [Fuzzing for XSS vulnerabilities with XSStrike](https://www.freebuf.com/articles/web/191003.html)
- 2018.12 [ostorlab] [Fuzzing strategies for DOM XSS - Part 1](http://blog.ostorlab.co/2018/12/fuzzing-strategies-for-dom-xss-coverage.html)
- 2012.11 [mindedsecurity] [DOMinatorPro Fuzzer finds a DOM XSS on Google.com](http://blog.mindedsecurity.com/2012/11/dominatorpro-fuzzer-finds-dom-xss-on.html)
- [**394** stars][3m] [C] [coolervoid/0d1n](https://github.com/coolervoid/0d1n) Web security tool to make fuzzing at HTTP/S, Beta
- [**343** stars][1y] [Py] [joxeankoret/nightmare](https://github.com/joxeankoret/nightmare) A distributed fuzzing testing suite with web administration
- [**182** stars][5m] [Rust] [phra/rustbuster](https://github.com/phra/rustbuster) A Comprehensive Web Fuzzer and Content Discovery Tool
- [**148** stars][3m] [Perl] [henshin/filebuster](https://github.com/henshin/filebuster) An extremely fast and flexible web fuzzer
- [**111** stars][10m] [l3m0n/webfuzzattack](https://github.com/l3m0n/webfuzzattack) Web fuzzing - amplifying the likelihood of finding vulnerabilities
- [**94** stars][1y] [Py] [andresriancho/websocket-fuzzer](https://github.com/andresriancho/websocket-fuzzer) HTML5 WebSocket message fuzzer
- [**92** stars][2m] [C] [jonathanmetzman/wasm-fuzzing-demo](https://github.com/jonathanmetzman/wasm-fuzzing-demo) Demos of and walkthroughs on in-browser fuzzing using WebAssembly
- [**61** stars][1y] [Py] [graniet/operative-framework-hd](https://github.com/graniet/operative-framework-hd) operative framework HD is the digital investigation framework, you can interact with websites, email address, company, people, ip address, vulnerability fuzzing ... interact with basic/graphical view and export with XML, JSON, use database management...
- [**58** stars][9m] [HTML] [leonwxqian/lucky-js-fuzz](https://github.com/leonwxqian/lucky-js-fuzz) A web page based fuzzer that generates random JS statements and then fuzzes them in the web browser.
- [**55** stars][3y] [Py] [mseclab/burp-pyjfuzz](https://github.com/mseclab/burp-pyjfuzz) Burp Suite plugin which implements PyJFuzz for fuzzing web applications.
- [**53** stars][2y] [JS] [danigargu/urlfuzz](https://github.com/danigargu/urlfuzz) Another web fuzzer written in NodeJS
- [**51** stars][5m] [CSS] [mobsf/capfuzz](https://github.com/mobsf/capfuzz) CapFuzz - capture, fuzz & intercept web traffic.
- [**37** stars][3m] [Py] [mak-/scanomaly](https://github.com/mak-/scanomaly) This is a web application fuzzer scanner - the goal was CLI flexibility and rapid prototyping
- [**22** stars][1m] [Py] [z3pp/zfuzz](https://github.com/z3pp/zfuzz) Simple python web fuzzer
- [**19** stars][2y] [JS] [mozillasecurity/framboise](https://github.com/mozillasecurity/framboise) Framboise is a fuzzer for in-depth testing of WebAPIs.
- [**17** stars][2m] [Py] [avalz/waf-a-mole](https://github.com/avalz/waf-a-mole) A guided mutation-based fuzzer for ML-based Web Application Firewalls
- [**16** stars][2y] [CSS] [sweetchipsw/sweetmon_legacy](https://github.com/sweetchipsw/sweetmon_legacy) 'SWEETMON' is a fuzzer monitoring service based on python3 + django. Users can check their fuzzers and crashes on the web. It can reduce repetitive work for fuzz testers. This is the legacy sweetmon. The new sweetmon is now being developed
- [**6** stars][1y] [Py] [mattjegan/wtfuzz](https://github.com/mattjegan/wtfuzz) A pip-installable tool used for checking the existence of different types of web resources
- [**5** stars][2y] [Py] [phplaber/yawf](https://github.com/phplaber/yawf) An open-source web vulnerability fuzzing tool based on OWASP
- [**4** stars][2y] [Java] [huvuqu/fuzz18plus](https://github.com/huvuqu/fuzz18plus) Advance of fuzzing for Web pentest. Based on Burp extension, send HTTP request template out to Python fuzzer.
- [**3** stars][1y] [Py] [yuxiaokui/hackerone](https://github.com/yuxiaokui/hackerone) Fuzz website
- [**2** stars][2y] [yehgdotnet/jhijack](https://github.com/yehgdotnet/jhijack) A Java Hijacking tool for web application session security assessment. A simple Java Fuzzer that can mainly be used for numeric session hijacking and parameter enumeration. Demonstration video is also available.
- [**1** star][7m] [C] [postrequest/cbuster](https://github.com/postrequest/cbuster) Web server directory and file fuzzer
- 2019.06 [aliyun] [What to do when fuzzing web requests whose parameters are signed by the front end](https://xz.aliyun.com/t/5384)
- 2018.12 [aliyun] [Web Fuzz](https://xz.aliyun.com/t/3600)
- 2018.07 [360] [Talk walkthrough: "My road to web application security fuzzing"](https://www.anquanke.com/post/id/152729/)
- 2018.05 [pentestingexperts] [BlackWidow – A Python Based Web Application Scanner To Gather OSINT And Fuzz For OWASP Vulnerabilities On A Target Website](http://www.pentestingexperts.com/blackwidow-a-python-based-web-application-scanner-to-gather-osint-and-fuzz-for-owasp-vulnerabilities-on-a-target-website/)
- 2018.03 [360] [How to fuzz JSON web services](https://www.anquanke.com/post/id/100916/)
- 2018.03 [websecurify] [Fuzzing JSON Web Services](https://blog.websecurify.com/2018/03/fuzzing-json-web-services.html)
- 2017.12 [themiddleblue] [Detecting human users: Is there a way to block enumeration, fuzz or web scan?](https://medium.com/p/14102a92f10b)
- 2017.09 [freebuf] [How to automate fuzzing of web application input points with Burp Suite macros](http://www.freebuf.com/articles/web/147182.html)
- 2017.09 [4hou] [Using Burp macros to solve the login problem for automated web fuzzers](http://www.4hou.com/web/7542.html)
- 2017.09 [securelayer7] [Automating web app input fuzzing with Burp's macro feature](http://blog.securelayer7.net/automating-web-apps-input-fuzzing-via-burp-macros/)
- 2017.09 [securelayer7] [Automating Web Apps Input fuzzing via Burp Macros](https://blog.securelayer7.org/automating-web-apps-input-fuzzing-via-burp-macros/)
- 2016.12 [n0where] [Extremely Fast Flexible Web Fuzzer: Filebuster](https://n0where.net/extremely-fast-flexible-web-fuzzer-filebuster)
- 2016.03 [] [Seven kinds of responses to watch for when fuzzing web applications](http://www.91ri.org/15439.html)
- 2015.04 [toolswatch] [[New Tool] 0d1n v1.0 Web App Bruteforcer and Fuzzer Released](http://www.toolswatch.org/2015/04/new-tool-0d1n-v1-0-web-app-bruteforcer-and-fuzzer-released/)
- 2014.10 [tekwizz123] [Finding New Vulns With Fuzzing and Turning them Into An Exploit Part 1: Kolibri Webserver 2.0 POST Exploit Example](http://tekwizz123.blogspot.com/2014/10/finding-new-vulns-with-fuzzing-and.html)
- 2014.02 [freebuf] [Manual web application penetration testing - suffixes and prefixes in fuzzing](http://www.freebuf.com/articles/web/26675.html)
- 2013.09 [htbridge] [ImmuniWeb® Self-Fuzzer Firefox Extension](https://www.htbridge.com/blog/immuniweb_self_fuzzer_firefox_extension.html)
- 2013.07 [digi] [Fuzzing WebSockets With ZAP](https://digi.ninja/blog/zap_fuzzing.php)
- 2012.09 [freebuf] [Web application vulnerability fuzzing tool – teenage mutant ninja turtles V 1.5](http://www.freebuf.com/sectool/5623.html)
***
- [**366** stars][2y] [C] [k0keoyo/kdriver-fuzzer](https://github.com/k0keoyo/kdriver-fuzzer) kDriver Fuzzer, a driver vulnerability discovery tool built on the ioctlbf framework
- [**366** stars][3y] [C] [fsecurelabs/kernelfuzzer](https://github.com/FSecureLABS/KernelFuzzer) Cross Platform Kernel Fuzzer Framework
- [**243** stars][7m] [C] [compsec-snu/razzer](https://github.com/compsec-snu/razzer) A Kernel fuzzer focusing on race bugs
- [**212** stars][2y] [C] [fsecurelabs/osxfuzz](https://github.com/FSecureLABS/OSXFuzz) macOS Kernel Fuzzer
- [**211** stars][2y] [C] [silvermoonsecurity/passivefuzzframeworkosx](https://github.com/silvermoonsecurity/passivefuzzframeworkosx) This framework is for fuzzing OSX kernel vulnerability based on passive inline hook mechanism in kernel mode.
- [**67** stars][3y] [richinseattle/evolutionarykernelfuzzing](https://github.com/richinseattle/evolutionarykernelfuzzing) Materials for the Evolutionary Kernel Fuzzing talk at Black Hat USA 2017
- [**22** stars][10y] [C] [bringhurst/xnufuzz](https://github.com/bringhurst/xnufuzz) An XNU kernel fuzz tool
- 2019.08 [trendmicro] [LLDBFuzzer: Debugging and Fuzzing the Apple Kernel with LLDB Script](https://blog.trendmicro.com/trendlabs-security-intelligence/lldbfuzzer-debugging-and-fuzzing-the-apple-kernel-with-lldb-script/)
- 2019.06 [aliyun] [Kernel vulnerability discovery techniques series (5): KernelFuzzer](https://xz.aliyun.com/t/5443)
- 2019.04 [aliyun] [Kernel fuzzing techniques series (2): bochspwn](https://xz.aliyun.com/t/4800)
- 2019.03 [securitygossip] [Razzer: Finding Kernel Race Bugs Through Fuzzing](https://securitygossip.com/blog/2019/03/06/razzer-finding-kernel-race-bugs-through-fuzzing/)
- 2019.03 [sjtu] [Razzer: Finding Kernel Race Bugs Through Fuzzing](https://loccs.sjtu.edu.cn/gossip/blog/2019/03/06/razzer-finding-kernel-race-bugs-through-fuzzing/)
- 2018.02 [360] [kDriver Fuzzer, a driver vulnerability discovery tool built on the ioctlbf framework](https://www.anquanke.com/post/id/97245/)
- 2018.02 [venus] [kDriver Fuzzer, a driver vulnerability discovery tool built on the ioctlbf framework](https://paper.seebug.org/523/)
- 2018.01 [whereisk0shl] [kDriver Fuzzer, a driver vulnerability discovery tool built on the ioctlbf framework](http://whereisk0shl.top/post/2018-01-30)
- 2017.11 [n0where] [Interface Aware Fuzzing for Kernel Drivers: DIFUZE](https://n0where.net/interface-aware-fuzzing-for-kernel-drivers-difuze)
- 2014.03 [debasish] [In-Memory Kernel Driver(IOCTL)Fuzzing using Python](http://www.debasish.in/2014/03/in-memory-kernel-driverioctlfuzzing.html)
- 2013.03 [pediy] [My first post: a driver fuzzing program [under continuous development]](https://bbs.pediy.com/thread-163646.htm)
- 2007.09 [evilcodecave] [Driver Fuzzing with Kartoffel](https://evilcodecave.wordpress.com/2007/09/06/driver-fuzzing-with-kartoffel/)
***
- [**234** stars][7m] [HTML] [rootup/bfuzz](https://github.com/rootup/bfuzz) Fuzzing Browsers
- [**195** stars][18d] [Py] [mozillasecurity/grizzly](https://github.com/mozillasecurity/grizzly) A cross-platform browser fuzzing framework
- [**113** stars][8m] [Visual Basic .NET] [dzzie/comraider](https://github.com/dzzie/comraider) ActiveX Fuzzing tool with GUI, object browser, system scanner, and distributed auditing capabilities
- [**69** stars][3m] [Py] [lylemi/browser-fuzz-summarize](https://github.com/lylemi/browser-fuzz-summarize) Browser Fuzz Summarize / a survey of browser fuzzing
- [**66** stars][5y] [Py] [hikerell/bfuzzer](https://github.com/hikerell/bfuzzer) A Browser Fuzzer for Vulnerabilities
- 2019.05 [360] [Finding Browser Quirks Through Fuzzing](https://www.anquanke.com/post/id/179498/)
- 2019.05 [portswigger] [Provoking browser quirks with behavioural fuzzing | Blog](https://portswigger.net/blog/provoking-browser-quirks-with-behavioural-fuzzing)
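- 2016.01 [freebuf] [Learning Fuzzing from Scratch Series: Exploring Browser Fuzzing Tools, the Framework Part](http://www.freebuf.com/sectool/93130.html)
- 2015.12 [freebuf] [Learning Fuzzing from Scratch Series: The Birth of Morph, a Browser Vulnerability Discovery Framework](http://www.freebuf.com/sectool/89001.html)
- 2015.11 [nsfocus] [An Introduction to Browser Fuzzing Frameworks](http://blog.nsfocus.net/web-browser-fuzzing/)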
- 2013.09 [null] [My experience with the Browser Fuzzing Humla session – 31st August 2013](https://blog.null.co.in/my-experience-with-the-browser-fuzzing-humla-session-31st-august-2013/)
- 2012.08 [freebuf] [X-Fuzzer – A Dynamic Browser Fuzzing Tool](http://www.freebuf.com/sectool/5453.html)
- 2006.03 [rapid7] [Browser fuzzing for fun and profit](https://blog.rapid7.com/2006/03/30/browser-fuzzing-for-fun-and-profit/)
***
- [**318** stars][28d] [Py] [cisco-talos/mutiny-fuzzer](https://github.com/cisco-talos/mutiny-fuzzer) a network fuzzer that operates by replaying PCAPs through a mutational fuzzer.
- [**243** stars][1y] [Py] [hgascon/pulsar](https://github.com/hgascon/pulsar) A network fuzzer with automatic protocol learning and simulation capabilities
- [**235** stars][5m] [C] [dongdongshe/neuzz](https://github.com/dongdongshe/neuzz) neural network assisted fuzzer
- [**221** stars][29d] [Py] [nccgroup/fuzzowski](https://github.com/nccgroup/fuzzowski) the Network Protocol Fuzzer that we will want to use.
- [**197** stars][2m] [C] [denandz/fuzzotron](https://github.com/denandz/fuzzotron) A TCP/UDP based network daemon fuzzer
- [**172** stars][1y] [Py] [niloofarkheirkhah/nili](https://github.com/niloofarkheirkhah/nili) A tool for network scanning, man-in-the-middle, protocol reverse engineering and fuzzing
- [**147** stars][1y] [Py] [brain-research/tensorfuzz](https://github.com/brain-research/tensorfuzz) A library for performing coverage guided fuzzing of neural networks
- [**74** stars][1y] [Py] [dobin/ffw](https://github.com/dobin/ffw) A fuzzing framework for network servers
- [**65** stars][3y] [Py] [plantdaddy/fuzzap](https://github.com/PlantDaddy/FuzzAP) A python script for obfuscating wireless networks
- [**57** stars][3y] [C] [hbowden/nextgen](https://github.com/hbowden/nextgen) A Genetic File, Syscall and Network Fuzzer.
- [**50** stars][6y] [Py] [isecpartners/rtspfuzzer](https://github.com/isecpartners/rtspfuzzer) RTSP network protocol fuzzer
- [**44** stars][1y] [Perl] [wireghoul/doona](https://github.com/wireghoul/doona) Network based protocol fuzzer
- [**35** stars][5m] [Py] [amossys/fragscapy](https://github.com/amossys/fragscapy) Fragscapy is a command-line tool to fuzz network protocols by automating the modification of outgoing network packets. It can run multiple successive tests to determine which options can be used to evade firewalls and IDS.
- [**20** stars][4m] [Py] [m-zakeri/iust_deep_fuzz](https://github.com/m-zakeri/iust_deep_fuzz) A file format fuzzer based on deep neural networks.
- [**15** stars][2m] [C++] [vitaliy-grigoriev/protocol-analyzer](https://github.com/vitaliy-grigoriev/protocol-analyzer) Fuzz testing framework for network protocols.
- [**5** stars][2y] [Shell] [foospidy/fuzzcat](https://github.com/foospidy/fuzzcat) Rudimentary network protocol fuzzer using bash, netcat, and other tools.
- [**1** star][2m] [Py] [ins1gn1a/woollymammoth](https://github.com/ins1gn1a/woollymammoth) Toolkit for manual buffer exploitation, which features a basic network socket fuzzer, offset pattern generator and detector, bad character identifier, shellcode carver, and a vanilla EIP exploiter
- 2018.06 [freebuf] [beSTORM: An Introductory Tutorial on Network Protocol Fuzzing](http://www.freebuf.com/sectool/173617.html)
- 2015.12 [nsfocus] [SCADA Network Fuzzing Tests and Protection](http://blog.nsfocus.net/scada-network-fuzzing-test-protection/)
- 2015.09 [topsec] [Finding Network Protocol Vulnerabilities with alphafuzzer](http://blog.topsec.com.cn/ad_lab/alphafuzzer_npfuzz/)
- 2015.09 [topsec] [Finding Network Protocol Vulnerabilities with alphafuzzer](http://blog.topsec.com.cn/alphafuzzer_npfuzz/)
- 2013.10 [pediy] [[Original] SKIPE-Based Network Protocol Fuzzing Techniques](https://bbs.pediy.com/thread-180619.htm)
- 2013.10 [toolswatch] [[New Tool] Doona Network fuzzing tool v0.7 released](http://www.toolswatch.org/2013/10/new-tool-doona-network-fuzzing-tool-v0-7-released/)
***
- [**208** stars][4m] [Java] [h3xstream/http-script-generator](https://github.com/h3xstream/http-script-generator) ZAP/Burp plugin that generates a script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks)
- [**62** stars][6m] [Py] [pinnace/burp-jwt-fuzzhelper-extension](https://github.com/pinnace/burp-jwt-fuzzhelper-extension) Burp extension for fuzzing JWT
- [**42** stars][3y] [team-firebugs/burp-lfi-tests](https://github.com/team-firebugs/burp-lfi-tests) Fuzzing for LFI using Burpsuite
- [**28** stars][3y] [Py] [floyd-fuh/burp-httpfuzzer](https://github.com/floyd-fuh/burp-httpfuzzer) Burp plugin to do random fuzzing of HTTP requests
- [**18** stars][3m] [Py] [mgeeky/burpcontextawarefuzzer](https://github.com/mgeeky/burpcontextawarefuzzer) BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JSON; XML; GWT; binary) and following encoding-scheme applied originally.
- [**12** stars][3y] [Java] [portswigger/reissue-request-scripter](https://github.com/portswigger/reissue-request-scripter) ZAP/Burp plugin that generates a script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks)
- 2018.11 [d0znpp] [Extending fuzzing with Burp by FAST](https://medium.com/p/f67d8b5d63e7)
- 2017.09 [360] [How to Use Burp Suite Macros to Bypass Protections for Automated Fuzz Testing](https://www.anquanke.com/post/id/86768/)
- 2017.08 [4hou] [How to Fuzz for SQL Injection, XSS and Command Execution Vulnerabilities with Burp Suite](http://www.4hou.com/vulnerable/6933.html)
- 2017.07 [hackingarticles] [Fuzzing SQL,XSS and Command Injection using Burp Suite](http://www.hackingarticles.in/fuzzing-sqlxss-command-injection-using-burp-suite/)
- 2013.10 [debasish] [Fuzzing Facebook for $$$ using Burpy](http://www.debasish.in/2013/10/fuzzing-facebook-for-using-burpy.html)
- 2010.09 [netspi] [Fuzzing Parameters in CSRF Resistant Applications with Burp Proxy](https://blog.netspi.com/fuzzing-parameters-in-csrf-resistant-applications-with-burp-proxy/)
***
- 2019.08 [aliyun] [Fuzzing a Closed-Source PDF Viewer](https://xz.aliyun.com/t/6003)
- 2017.11 [SECConsult] [The Art of Fuzzing - Demo 7: How to detect when a PDF finished loading](https://www.youtube.com/watch?v=XBEw6bYLHUM)
- 2013.01 [coldwind] [PDF Fuzzing Fun Continued: Status Update](http://gynvael.coldwind.pl/?id=493)
- 2013.01 [vexillium] [PDF Fuzzing Fun Continued: Status Update](http://j00ru.vexillium.org/?p=1507)
- 2013.01 [vexillium] [PDF Fuzzing Fun Continued: Status Update](https://j00ru.vexillium.org/2013/01/pdf-fuzzing-fun-continued-status-update/)
- 2012.08 [coldwind] [PDF fuzzing and Adobe Reader 9.5.1 and 10.1.3 multiple critical vulnerabilities](http://gynvael.coldwind.pl/?id=483)
- 2012.08 [vexillium] [PDF fuzzing and Adobe Reader 9.5.1 and 10.1.3 multiple critical vulnerabilities](http://j00ru.vexillium.org/?p=1175)
- 2012.08 [vexillium] [PDF fuzzing and Adobe Reader 9.5.1 and 10.1.3 multiple critical vulnerabilities](https://j00ru.vexillium.org/2012/08/pdf-fuzzing-and-adobe-reader-9-5-1-and-10-1-3-multiple-critical-vulnerabilities/)
***
- [**849** stars][3m] [Swift] [googleprojectzero/fuzzilli](https://github.com/googleprojectzero/fuzzilli) A JavaScript Engine Fuzzer
- [**456** stars][14d] [TS] [fuzzitdev/jsfuzz](https://github.com/fuzzitdev/jsfuzz) coverage guided fuzz testing for javascript
- 2018.01 [fuzzstation] [Fuzz Stati0n Pivots to Node JS](https://medium.com/p/5fb76253489)
- 2017.10 [nul] [Open-sourcing the jsfuzzer I built earlier](http://www.nul.pw/2017/10/16/247.html)
***
- [**1386** stars][23d] [C] [googleprojectzero/winafl](https://github.com/googleprojectzero/winafl) A fork of AFL for fuzzing Windows binaries
- [**39** stars][11m] [C] [ivanfratric/winafl](https://github.com/ivanfratric/winafl) A fuzzing tool for Windows binaries
- [**28** stars][1y] [C] [mxmssh/netafl](https://github.com/mxmssh/netafl) winAFL patch to enable network-based apps fuzzing
- [**27** stars][1y] [C] [intelpt/winafl-intelpt](https://github.com/intelpt/winafl-intelpt) A fork of AFL for fuzzing Windows binaries
- 2019.11 [freebuf] [A Guide to Using the WinAFL Fuzzing Tool](https://www.freebuf.com/articles/system/216437.html)
- 2019.05 [aliyun] [WinAFL Source Code Analysis](https://xz.aliyun.com/t/5108)
- 2019.02 [riusksk] [How Instrumentation-Based Coverage Feedback Works in winafl](http://riusksk.me/2019/02/02/winafl中基于插桩的覆盖率反馈原理/)
- 2017.11 [SECConsult] [The Art of Fuzzing - Demo 4: WinAFL workflow to fuzz Mimikatz and Taint Analysis](https://www.youtube.com/watch?v=Cq7Wv_niSLE)
- 2017.09 [sec] [Hack the Hacker – Fuzzing Mimikatz On Windows With WinAFL & Heatmaps (0day)](https://sec-consult.com/en/blog/2017/09/hack-the-hacker-fuzzing-mimikatz-on-windows-with-winafl-heatmaps-0day/)
- 2017.09 [360] [Fuzzing the MSXML6 Library with WinAFL](https://www.anquanke.com/post/id/86905/)
- 2017.06 [knownsec] [A First Look at the Fuzzing Tool WinAFL](http://blog.knownsec.com/2017/06/%e5%88%9d%e8%af%86-fuzzing-%e5%b7%a5%e5%85%b7-winafl/)
- 2017.01 [4hou] [Using and Analyzing the Smart Fuzzing Tool Winafl](http://www.4hou.com/technology/2800.html)
- 2016.09 [jowto] [Using and Analyzing the Smart Fuzzing Tool Winafl](http://blog.jowto.com/?p=150)
- 2016.08 [360] [A First Look at Winafl, a Powerful Windows Fuzzing Tool](https://www.anquanke.com/post/id/84363/)
- 2016.07 [n0where] [Fuzzing Windows Binaries: WinAFL](https://n0where.net/fuzzing-windows-binaries-winafl)
- [**462** stars][3y] [C] [nccgroup/triforceafl](https://github.com/nccgroup/triforceafl) AFL/QEMU fuzzing with full-system emulation.
- [**148** stars][3y] [C] [nccgroup/triforcelinuxsyscallfuzzer](https://github.com/nccgroup/triforcelinuxsyscallfuzzer) A linux system call fuzzer using TriforceAFL
- [**41** stars][3y] [C] [nccgroup/triforceopenbsdfuzzer](https://github.com/nccgroup/triforceopenbsdfuzzer) System call fuzzing of OpenBSD amd64 using TriforceAFL (i.e. AFL and QEMU)
- 2019.07 [aliyun] [Kernel Vulnerability Discovery Techniques Series (6): TriforceAFL and KAFL](https://xz.aliyun.com/t/5521)
- [**412** stars][2y] [Py] [rub-syssec/kafl](https://github.com/rub-syssec/kafl) Code for the USENIX 2017 paper: kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels
- [**310** stars][16d] [C] [aflsmart/aflsmart](https://github.com/aflsmart/aflsmart) Smart Greybox Fuzzing (
- 2019.04 [freebuf] [A Brief Analysis of the AFLSmart Tool and an Introduction to Its Use](https://www.freebuf.com/sectool/199010.html)
- [**831** stars][17d] [C] [rust-fuzz/afl.rs](https://github.com/rust-fuzz/afl.rs) run AFL on code written in the Rust programming language.
- [**808** stars][8d] [C] [google/afl](https://github.com/google/afl) american fuzzy lop - a security-oriented fuzzer
- [**549** stars][2y] [C] [mirrorer/afl](https://github.com/mirrorer/afl) american fuzzy lop (copy of the source code for easy access)
- [**546** stars][10m] [Py] [shellphish/fuzzer](https://github.com/shellphish/fuzzer) Python interface to American fuzzy lop
- [**446** stars][7d] [C] [vanhauser-thc/aflplusplus](https://github.com/vanhauser-thc/aflplusplus) afl 2.56b with community patches
- [**428** stars][7m] [C] [mykter/afl-training](https://github.com/mykter/afl-training) Exercises to learn how to fuzz with American Fuzzy Lop
- [**386** stars][2y] [C] [battelle/afl-unicorn](https://github.com/Battelle/afl-unicorn) afl-unicorn lets you fuzz any piece of binary that can be emulated by Unicorn Engine.
- [**364** stars][2y] [Py] [rc0r/afl-utils](https://github.com/rc0r/afl-utils) Utilities for automated crash sample processing/analysis, easy afl-fuzz job management and corpus optimization
- [**298** stars][1y] [Py] [mrash/afl-cov](https://github.com/mrash/afl-cov) Produce code coverage results with gcov from afl-fuzz test cases
- [**296** stars][4m] [C] [mboehme/aflfast](https://github.com/mboehme/aflfast) AFLFast (extends AFL with Power Schedules)
- [**246** stars][3y] [C] [ele7enxxh/android-afl](https://github.com/ele7enxxh/android-afl) Fuzzing Android program with american fuzzy lop (AFL)
- [**215** stars][6m] [C] [hunter-ht-2018/ptfuzzer](https://github.com/hunter-ht-2018/ptfuzzer) Improves AFL by collecting branch information with Intel PT
- [**208** stars][4m] [Py] [jwilk/python-afl](https://github.com/jwilk/python-afl) American Fuzzy Lop fork server and instrumentation for pure-Python code
- [**199** stars][13d] [C] [aflgo/aflgo](https://github.com/aflgo/aflgo) Directed Greybox Fuzzing with AFL
- [**192** stars][2m] [Py] [fgsect/unicorefuzz](https://github.com/fgsect/unicorefuzz) Fuzzing the Kernel Using AFL-Unicorn
- [**187** stars][30d] [C] [tunz/afl-fuzz-js](https://github.com/tunz/afl-fuzz-js) afl-fuzz for javascript
- [**183** stars][8d] [microsvuln/awesome-afl](https://github.com/microsvuln/awesome-afl) A curated list of different AFL forks and AFL inspired fuzzers with detailed equivalent academic papers with AFL-fuzzing tutorials
- [**177** stars][2y] [C] [mcarpenter/afl](https://github.com/mcarpenter/afl) DEPRECATED. Will be removed 09/2019. Please see
- [**175** stars][1y] [C] [carolemieux/afl-rb](https://github.com/carolemieux/afl-rb) A modified version of the AFL fuzzing tool that targets rare branches
- [**168** stars][4y] [C] [jdbirdwell/afl](https://github.com/jdbirdwell/afl) american fuzzy lop for network fuzzing (unofficial) -- official afl site is
- [**152** stars][5y] [C++] [mothran/aflpin](https://github.com/mothran/aflpin) aflpin enables afl to fuzz blackbox binaries using a pin tool to trace execution branches.
- [**141** stars][9d] [C++] [talos-vulndev/afl-dyninst](https://github.com/talos-vulndev/afl-dyninst) American Fuzzy Lop + Dyninst == AFL Fuzzing blackbox binaries
- [**141** stars][3m] [Py] [wmliang/pe-afl](https://github.com/wmliang/pe-afl)
- [**135** stars][2y] [Java] [isstac/kelinci](https://github.com/isstac/kelinci) AFL-based fuzzing for Java
- [**125** stars][26d] [C#] [metalnem/sharpfuzz](https://github.com/metalnem/sharpfuzz) AFL-based fuzz testing for .NET
- [**119** stars][1m] [C] [zyw-200/firmafl](https://github.com/zyw-200/firmafl) FIRM-AFL is the first high-throughput greybox fuzzer for IoT firmware.
- [**110** stars][2y] [C++] [vegard/prog-fuzz](https://github.com/vegard/prog-fuzz) Compiler/source code fuzzing tool using AFL instrumentation
- [**78** stars][3m] [JS] [andreafioraldi/frida-js-afl-instr](https://github.com/andreafioraldi/frida-js-afl-instr) An example on how to do performant in-memory fuzzing with AFL++ and Frida
- [**75** stars][3m] [C] [puppet-meteor/mopt-afl](https://github.com/puppet-meteor/mopt-afl) MOpt-AFL provided by the paper "MOPT: Optimized Mutation Scheduling for Fuzzers"
- [**74** stars][1y] [C] [forte-research/untracer-afl](https://github.com/forte-research/untracer-afl) An AFL implementation with UnTracer (our coverage-guided tracer)
- [**73** stars][5m] [vanhauser-thc/afl-patches](https://github.com/vanhauser-thc/afl-patches) Patches to afl to fix bugs or add enhancements
- [**72** stars][4m] [C] [shellphish/afl-other-arch](https://github.com/shellphish/afl-other-arch) AFL, with scripts to support other architectures.
- [**63** stars][2m] [C] [riscure/optee_fuzzer](https://github.com/riscure/optee_fuzzer) This repository contains the code for a fuzzing prototype for the OP-TEE system call interface using AFL.
- [**60** stars][2m] [Py] [shellphish/shellphish-afl](https://github.com/shellphish/shellphish-afl) A pip wrapper around AFL.
- [**58** stars][2y] [mrash/afl-cve](https://github.com/mrash/afl-cve) A collection of vulnerabilities found by the AFL fuzzer
- [**53** stars][2y] [C] [rc0r/afl-fuzz](https://github.com/rc0r/afl-fuzz) Non-official repository for lcamtuf's American Fuzzy Lop
- [**43** stars][8m] [C++] [vanhauser-thc/afl-pin](https://github.com/vanhauser-thc/afl-pin) run AFL with pintool
- [**41** stars][3y] [C] [kanglictf/afl-qai](https://github.com/kanglictf/afl-qai) A demo project for AFL with QEMU Augmented Instrumentation (qai)
- [**38** stars][1m] [Py] [adrianherrera/afl-mutation-graph](https://github.com/adrianherrera/afl-mutation-graph) Recover mutation graph from an AFL seed
- [**36** stars][1y] [C] [abiondo/afl](https://github.com/abiondo/afl) My fork of American Fuzzy Lop
- [**36** stars][10m] [C] [mboehme/pythia](https://github.com/mboehme/pythia) Pythia (extends AFL with Predictions)
- [**36** stars][7d] [C++] [vanhauser-thc/afl-dyninst](https://github.com/vanhauser-thc/afl-dyninst) American Fuzzy Lop + Dyninst == AFL Fuzzing blackbox binaries
- [**31** stars][2y] [Java] [barro/java-afl](https://github.com/barro/java-afl) Binary rewriting approach with fork server support to fuzz Java applications with afl-fuzz.
- [**31** stars][2y] [C] [tigerpuma/afl_unicorn](https://github.com/tigerpuma/afl_unicorn)
- [**30** stars][3y] [Py] [bshastry/afl-sancov](https://github.com/bshastry/afl-sancov) AFL coverage tool using Clang SanitizerCoverage
- [**29** stars][4y] [Go] [bnagy/afl-launch](https://github.com/bnagy/afl-launch) Boring tool to launch multiple afl-fuzz instances
- [**25** stars][4y] [C] [leetchicken/afl](https://github.com/leetchicken/afl) Unofficial American Fuzzy Lop repo
- [**24** stars][4y] [C] [arizvisa/afl-cygwin](https://github.com/arizvisa/afl-cygwin) AFL "mostly" ported to cygwin
- [**23** stars][3y] [Py] [markusteufelberger/afl-ddmin-mod](https://github.com/markusteufelberger/afl-ddmin-mod) Test case minimizer for afl-fuzz
- [**23** stars][2y] [proteas/afl-swift](https://github.com/proteas/afl-swift) use afl to fuzz swift program
- [**22** stars][8m] [C] [junxzm1990/afl-pt](https://github.com/junxzm1990/afl-pt)
- [**22** stars][3y] [Py] [reflare/afl-monitor](https://github.com/reflare/afl-monitor) A monitoring script for AFL
- [**20** stars][2m] [Py] [axt/afl-cov](https://github.com/axt/afl-cov) AFL fuzzing coverage CFG visualization
- [**20** stars][3y] [C] [bnagy/osx-afl-llvm](https://github.com/bnagy/osx-afl-llvm) Barely working LLVM mode for AFL on OSX
- [**18** stars][5m] [C++] [kirasys/unicorn-fuzzer](https://github.com/kirasys/unicorn-fuzzer) expansion of afl-unicorn using c++
- [**15** stars][1y] [Py] [rc0r/afl-utils](https://gitlab.com/rc0r/afl-utils)
- [**14** stars][9d] [C++] [vanhauser-thc/afl-dynamorio](https://github.com/vanhauser-thc/afl-dynamorio) run AFL with dynamorio
- [**14** stars][2m] [C] [vanhauser-thc/afl-simulate](https://github.com/vanhauser-thc/afl-simulate) Simulate afl-fuzz
- [**13** stars][18d] [C] [wrauner/afl-fuzzing-training](https://github.com/wrauner/afl-fuzzing-training) AFL training workshop materials
- [**12** stars][5y] [C] [jonasnick/bitcoinconsensus_testcases](https://github.com/jonasnick/bitcoinconsensus_testcases) These testcases are generated by running afl-fuzz against libbitcoinconsensus.
- [**10** stars][5y] [Go] [bnagy/aflfix](https://github.com/bnagy/aflfix) Use any program to perform fixups for afl via AFL_POST_LIBRARY
- [**10** stars][1y] [C] [spolu/gym_fuzz1ng](https://github.com/spolu/gym_fuzz1ng) OpenAI Gym environment for binary fuzzing based on afl
- [**10** stars][9m] [C++] [atrosinenko/afl-dr](https://github.com/atrosinenko/afl-dr) Experiment in implementation of an instrumentation for American Fuzzy Lop using DynamoRIO
- [**7** stars][1y] [C] [cloudsriseup/fuzzy](https://github.com/cloudsriseup/fuzzy) A faster version of AFL-Fuzz used for DARPA Cyber Grand Challenge with optimized scheduler code
- [**7** stars][8m] [C++] [orbitcowboy/afl_cppcheck](https://github.com/orbitcowboy/afl_cppcheck) A script to start fuzzing of cppcheck with american fuzzy lop
- [**6** stars][3m] [C++] [spinpx/afl_pin_mode](https://github.com/spinpx/afl_pin_mode) Yet another AFL instrumentation tool implemented by Intel Pin.
- [**6** stars][5m] [C++] [alexandrecarlton/afl-docker](https://github.com/alexandrecarlton/afl-docker) american fuzzy lop in a Docker container
- [**4** stars][3m] [Py] [putsi/afl-mruby](https://github.com/putsi/afl-mruby) Docker-based AFL-Fuzzer for MRuby
- [**4** stars][5m] [wolframroesler/afl-demo](https://github.com/wolframroesler/afl-demo) Simple demonstration for how to fuzz test a C++ program with AFL.
- [**1** star][4y] [C] [jhector/sphinxfuzz](https://github.com/jhector/sphinxfuzz) AFL Fuzzing environment for fuzzing pocketsphinx
- [**1** star][7m] [PHP] [antonin-deniau/php-fuzz](https://github.com/antonin-deniau/php-fuzz) A somewhat functional PHP fuzzer heavily inspired by AFL
- [**0** stars][5m] [C] [innovimax/afl-1](https://github.com/innovimax/afl-1) Unofficial American Fuzzy Lop repo
- 2020.01 [freebuf] [Kelinci: An AFL-Based Fuzzing Tool for Java Programs](https://www.freebuf.com/sectool/224294.html)
- 2019.12 [4hou] [A Detailed Walkthrough of Fuzzing the Linux Kernel with AFL](https://www.4hou.com/penetration/21368.html)
- 2019.10 [HackersOnBoard] [AFL's Blindspot and How to Resist AFL Fuzzing for Arbitrary ELF Binaries](https://www.youtube.com/watch?v=fhNNPJVlj4A)
- 2019.10 [4hou] [A Summary of Fuzzing the Linux Kernel with AFL](https://www.4hou.com/info/news/20269.html)
- 2019.08 [aliyun] [Using afl-unicorn: Fuzzing Arbitrary Binary Code](https://xz.aliyun.com/t/5968)
- 2019.08 [aliyun] [Kernel Vulnerability Discovery Techniques Series (6): Kernel Vulnerability Discovery with AFL (2)](https://xz.aliyun.com/t/5943)
- 2019.08 [aliyun] [Using afl-unicorn: Fuzzing Arbitrary Binary Code](https://xz.aliyun.com/t/5938)
- 2019.07 [robertheaton] [How to write an afl wrapper for any language](https://robertheaton.com/2019/07/08/how-to-write-an-afl-wrapper-for-any-language/)
- 2019.06 [doyler] [AFL Introduction – Installation and Basic Fuzzing](https://www.doyler.net/security-not-included/afl-introduction)
- 2019.05 [nextplatform] [Cray, AMD Tag Team On 1.5 Exaflops “Frontier” Supercomputer](https://www.nextplatform.com/2019/05/07/cray-amd-tag-team-on-1-5-exaflops-frontier-supercomputer/)
- 2019.04 [freebuf] [Pe-afl: An afl Fuzzing Tool That Supports Windows Binaries](https://www.freebuf.com/sectool/199390.html)
- 2019.04 [aliyun] [AFL Source Code Analysis Notes (1)](https://xz.aliyun.com/t/4628)
- 2019.03 [freebuf] [Notes on AFL Vulnerability Discovery Techniques (2): Fuzzing Result Analysis and Code Coverage](https://www.freebuf.com/articles/system/197678.html)
- 2019.03 [4hou] [MechaFlounder, the New Python-Based Payload Used by Chafer](https://www.4hou.com/web/16725.html)
- 2019.03 [aliyun] [A First Look at Fuzzing: AFL](https://xz.aliyun.com/t/4314)
- 2019.03 [venus] [Notes on AFL Vulnerability Discovery Techniques (2): Fuzzing Result Analysis and Code Coverage](https://paper.seebug.org/842/)
- 2019.03 [topsec] [Notes on AFL Vulnerability Discovery Techniques (1): Start Your First Fuzzing Run with AFL](http://blog.topsec.com.cn/afl%e6%bc%8f%e6%b4%9e%e6%8c%96%e6%8e%98%e6%8a%80%e6%9c%af%e6%bc%ab%e8%b0%88%ef%bc%88%e4%b8%80%ef%bc%89%ef%bc%9a%e7%94%a8afl%e5%bc%80%e5%a7%8b%e4%bd%a0%e7%9a%84%e7%ac%ac%e4%b8%80%e6%ac%a1fuzzing/)
- 2019.03 [paloaltonetworks] [New Python-Based Payload MechaFlounder Used](https://unit42.paloaltonetworks.com/new-python-based-payload-mechaflounder-used-by-chafer/)
- 2019.02 [robertheaton] [Introducing Afl-Ruby: fuzz your Ruby programs using afl](https://robertheaton.com/2019/02/16/introducing-afl-ruby/)
- 2019.01 [mijailovic] [SharpFuzz: Bringing the power of afl-fuzz to .NET platform](https://mijailovic.net/2019/01/03/sharpfuzz/)
- 2019.01 [klee] [SAFL: Increasing and Accelerating Testing Coverage with Symbolic Execution and Guided Fuzzing](https://dl.acm.org/citation.cfm?id=3183494)
- 2018.10 [obscuritylabs] [Docker + AFL: Effective, scalable reproducible fuzzing](https://blog.obscuritylabs.com/docker-afl-effective-reproducable-fuzzing/)
- 2018.10 [cloudflare] [Mapping Factorio with Leaflet](https://blog.cloudflare.com/mapping-factorio-with-leaflet/)
- 2018.09 [aliyun] [Java AFL Fuzzing with the Java Security Manager](https://xz.aliyun.com/t/2820)
- 2018.09 [aliyun] [Improving the Performance of AFL's qemu Mode](https://xz.aliyun.com/t/2805)
- 2018.09 [aliyun] [[Translation] Fuzzing CSGO with AFL](https://xz.aliyun.com/t/2705)
- 2018.08 [phoenhex] [Fuzzing Counter-Strike: Global Offensive maps files with AFL](https://phoenhex.re/2018-08-26/csgo-fuzzing-bsp)
- 2018.05 [0x00sec] [Does American fuzzy lop works on windows?](https://0x00sec.org/t/does-american-fuzzy-lop-works-on-windows/6810/)
- 2018.04 [0x00sec] [Fuzzing projects with american fuzzy lop (AFL)](https://0x00sec.org/t/fuzzing-projects-with-american-fuzzy-lop-afl/6498/)
- 2018.04 [countuponsecurity] [Intro to American Fuzzy Lop – Fuzzing with ASAN and beyond](https://countuponsecurity.com/2018/04/24/intro-to-american-fuzzy-lop-fuzzing-with-asan-and-beyond/)
- 2018.03 [countuponsecurity] [Intro to American Fuzzy Lop – Fuzzing in 5 steps](https://countuponsecurity.com/2018/03/07/intro-to-american-fuzzy-lop-fuzzing-in-5-steps/)
- 2018.02 [arxiv] [[1802.10215] Var-CNN and DynaFlow: Improved Attacks and Defenses for Website Fingerprinting](https://arxiv.org/abs/1802.10215)
- 2018.02 [hyperiongray] [Fuzzing Linux GUI/GTK Programs With American Fuzzy Lop (AFL) For Fun And Pr... You Get the Idea. Part One.](https://blog.hyperiongray.com/fuzzing-gtk-programs-with-american-fuzzy-lop-afl/)
- 2018.02 [tunnelshade] [Internals of AFL fuzzer - QEMU Instrumentation](https://tunnelshade.in/blog/2018/02/afl-internals-qemu-instrumentation/)
- 2018.02 [intideceukelaire] [OOPS: This Is What Facebook Gives Away About the Outcome of Temptation Island](https://medium.com/p/3d2778f91e9f)
- 2018.01 [tunnelshade] [Internals of AFL fuzzer - Compile Time Instrumentation](https://tunnelshade.in/blog/2018/01/afl-internals-compile-time-instrumentation/)
- 2018.01 [venus] [AFL (American Fuzzy Lop) Implementation Details and File Mutation](https://paper.seebug.org/496/)
- 2017.11 [pediy] [[Translation] An AFL-Like Implementation of Property-Based Testing](https://bbs.pediy.com/thread-222917.htm)
- 2017.11 [SECConsult] [The Art of Fuzzing - Demo 2: AFL workflow with FFMPEG](https://www.youtube.com/watch?v=0dqL6vfPCek)
- 2017.11 [aliyun] [Enabling llvm in AFL-FUZZ](https://xz.aliyun.com/t/1541)
- 2017.11 [njvoss299] [afl-unicorn: Part 2 — Fuzzing the ‘Unfuzzable’](https://medium.com/p/bea8de3540a5)
- 2017.10 [njvoss299] [afl-unicorn: Fuzzing Arbitrary Binary Code](https://medium.com/p/563ca28936bf)
- 2017.09 [fuzzstation] [Preparing an Application for AFL-Fuzz](https://medium.com/p/a2a838c949cb)
- 2017.09 [fuzzstation] [Breaking Ruby’s Unmarshal with AFL-Fuzz](https://medium.com/p/6b5f72b581d5)
- 2017.09 [fuzzstation] [Fuzz Testing: Choosing a Seed File for AFL](https://medium.com/p/fee4a09753c2)
- 2017.08 [fuzzstation] [Quick-start: Fuzzing with AFL](https://medium.com/p/ac7bb8fcae52)
- 2017.07 [thecyberrecce] [Exploit Development with AFL, PEDA and PwnTools](http://thecyberrecce.net/2017/07/28/exploit-development-with-afl-peda-and-pwntools/)
- 2017.07 [reverse] [How to compile AFL's LLVM mode in OS X](https://reverse.put.as/2017/07/10/compiling-afl-osx-llvm-mode/)
- 2017.06 [pediy] [[Original] afl-fuzz Source Code Scenario Analysis: Detailed Code-Reading Notes, in freemind and word Versions](https://bbs.pediy.com/thread-218671.htm)
- 2017.06 [sensepost] [Fuzzing Apache httpd server with American Fuzzy Lop + persistent mode](https://sensepost.com/blog/2017/fuzzing-apache-httpd-server-with-american-fuzzy-lop-%2B-persistent-mode/)
- 2017.05 [animal0day] [Fuzzing Apache httpd server with American Fuzzy Lop + persistent mode](https://animal0day.blogspot.com/2017/05/fuzzing-apache-httpd-server-with.html)
- 2017.04 [geeknik] [A quick and dirty guide to "Fuzzing with AFL for fun and maybe a little profit"](http://www.geeknik.net/4rzj8nz7n)
- 2017.04 [360] [OpenSSH Fuzzing Techniques: Clever Uses of AFL (2)](https://www.anquanke.com/post/id/85862/)
- 2017.04 [360] [OpenSSH Fuzzing Techniques: Clever Uses of AFL (1)](https://www.anquanke.com/post/id/85826/)
- 2017.03 [thecyberrecce] [Software Exploit Development – Fuzzing with AFL](http://thecyberrecce.net/2017/03/20/software-exploit-development-fuzzing-with-afl/)
- 2017.03 [vegardno] [Fuzzing the OpenSSH daemon using AFL](http://www.vegardno.net/2017/03/fuzzing-openssh-daemon-using-afl.html)
- 2017.03 [venus] [Fuzzing Stagefright with AFL on Linux](https://paper.seebug.org/245/)
- 2017.03 [pediy] [[Original] Fuzzing Stagefright with AFL on Linux](https://bbs.pediy.com/thread-216319.htm)
- 2017.03 [ele7enxxh] [Fuzzing Stagefright with AFL on Linux](http://ele7enxxh.com/Use-AFL-For-Stagefright-Fuzzing-On-Linux.html)
- 2017.01 [aurainfosec] [Hunting For Bugs With AFL 101 - A PRIMER](http://research.aurainfosec.io/hunting-for-bugs-101/)
- 2016.09 [ele7enxxh] [Fuzzing Binaries Without Source Code Using afl-dyninst](http://ele7enxxh.com/Use-AFL-dyninst-To-Fuzz-Blackbox-Binaries.html)
- 2016.08 [geeknik] [Fuzzing Perl: A Tale of Two American Fuzzy Lops](http://www.geeknik.net/71nvhf1fp)
- 2016.07 [hackingdistributed] [Graph Databases: Dataflow vs. Traditional Models](http://hackingdistributed.com/2016/07/27/graph-databases-dataflow-vs-traditional/)
- 2016.07 [moyix] [Fuzzing with AFL is an Art](http://moyix.blogspot.com/2016/07/fuzzing-with-afl-is-an-art.html)
- 2016.04 [n0where] [American Fuzzy Lop Utilities: afl-utils](https://n0where.net/american-fuzzy-lop-utilities-afl-utils)
- 2016.02 [theobsidiantower] [AFL](https://theobsidiantower.com/2016/02/22/f7acc32272782740bfb25879781c5512c20a31fb.html)
- 2015.11 [freebuf] [How I Nearly Saved the Internet by Running afl-fuzz on dnsmasq](http://www.freebuf.com/news/85762.html)
- 2015.10 [fuzzing] [Network fuzzing with american fuzzy lop](https://blog.fuzzing-project.org/27-Network-fuzzing-with-american-fuzzy-lop.html)
- 2015.10 [hackingarticles] [Logical Forensics of an Android Device using AFLogical](http://www.hackingarticles.in/logical-forensics-of-an-android-device-using-aflogical/)
- 2015.09 [n0where] [Security Oriented Fuzzer: American Fuzzy Lop](https://n0where.net/security-oriented-fuzzer-american-fuzzy-lop)
- 2015.08 [metaflows] [MetaFlows Announces Virtual Sandboxing in Amazon Cloud: Advanced Feature in MSS Delivers Unlimited Scalability for Sandboxes](https://www.metaflows.com/blog/metaflows-announces-virtual-sandboxing-in-amazon-cloud-advanced-feature-in-mss-delivers-unlimited-scalability-for-sandboxes/)
- 2015.07 [fastly] [How to fuzz a server with American Fuzzy Lop](https://www.fastly.com/blog/how-fuzz-server-american-fuzzy-lop)
- 2015.07 [skullsecurity] [How I nearly almost saved the Internet, starring afl-fuzz and dnsmasq](https://blog.skullsecurity.org/2015/how-i-nearly-almost-saved-the-internet-starring-afl-fuzz-and-dnsmasq)
- 2015.06 [metaflows] [MetaFlows New Packet Data Viewer](https://www.metaflows.com/blog/metaflows-new-packet-data-viewer/)
- 2015.06 [metaflows] [MetaFlows at BlackHat 2015](https://www.metaflows.com/blog/metaflows-at-blackhat-2015/)
- 2015.05 [metaflows] [MetaFlows in the Top-20 Security Companies for 2015](https://www.metaflows.com/blog/metaflows-in-the-top-20-security-companies-for-2015/)
- 2015.04 [evilsocket] [Fuzzing With AFL-Fuzz, a Practical Example ( AFL vs Binutils )](https://www.evilsocket.net/2015/04/30/fuzzing-with-afl-fuzz-a-practical-example-afl-vs-binutils/)
- 2015.04 [alexgaynor] [Introduction to Fuzzing in Python with AFL](https://alexgaynor.net/2015/apr/13/introduction-to-fuzzing-in-python-with-afl/)
- 2015.03 [danluu] [Combining AFL and QuickCheck for directed fuzzing](https://danluu.com/testing/)
- 2015.01 [] [Let's have (not) fun with afl](http://0x90909090.blogspot.com/2015/01/lets-have-not-fun-with-afl.html)
- 2015.01 [] [Let's have some fun with afl](http://0x90909090.blogspot.com/2015/01/lets-have-some-fun-with-afl.html)
- 2015.01 [] [Is fuzzing obsolete? No, afl rocks!](http://0x90909090.blogspot.com/2015/01/is-fuzzing-obsolete-no-afl-rocks.html)
- 2014.12 [metaflows] [MetaFlows: SC Magazine Innovators Hall of Fame](https://www.metaflows.com/blog/metaflows-innovator-hall-of-fame/)
- 2014.08 [toolswatch] [[New Tool] American Fuzzy Lop v0.26b Released](http://www.toolswatch.org/2014/08/new-tool-american-fuzzy-lop-v0-26b-released/)
- 2014.06 [rapid7] [Google Cloud DataFlow – A Game Changer?](https://blog.rapid7.com/2014/06/30/google-cloud-dataflow-a-game-changer/)
- 2012.01 [metaflows] [Payload and Event Reporting by MetaFlows CEO Livio Ricciulli, Part III](https://www.metaflows.com/blog/payload-and-event-reporting-by-metaflows-ceo-livio-ricciulli-part-iii/)
- 2012.01 [metaflows] [MetaFlows Launches Low-cost SaaS Product That Unifies network Security](https://www.metaflows.com/blog/metaflows-launches-low-cost-saas-product-that-unifies-network-security/)
- 2012.01 [metaflows] [MetaFlows Announces Software-Based IDPS, Enables IDPS Hardware for 1/10 the Price](https://www.metaflows.com/blog/metaflows-announces-software-based-idps-enables-idps-hardware-for-110-the-price/)
- 2012.01 [metaflows] [Network Security Performance Tuning by MetaFlows CEO Livio Ricciulli, Part II](https://www.metaflows.com/blog/network-security-performance-tuning-by-metaflows-ceo-livio-ricciulli-part-ii/)
- 2012.01 [metaflows] [Network Security Monitoring Delivered Through a Software as a Service Model by MetaFlows CEO Livio Ricciulli, Part I](https://www.metaflows.com/blog/network-security-monitoring-delivered-through-a-software-as-a-service-model-by-metaflows-ceo-livio-ricciulli-part-i/)
- 2011.07 [yurichev] [27-Jul-2011: Dataflow tracker](https://yurichev.com/blog/65/)
- 2009.11 [metaflows] [MetaFlows Helps Secure Supercomputing 2009](https://www.metaflows.com/blog/metaflows-helps-secure-supercomputing-2009/)
- 2009.08 [metaflows] [MetaFlows Awarded NSF Phase II Grant](https://www.metaflows.com/blog/metaflows-gets-nsf-phase-ii/)
- 2008.07 [sans] [A twist in fluxnet operations. Enter Hydraflux](https://isc.sans.edu/forums/diary/A+twist+in+fluxnet+operations+Enter+Hydraflux/4753/)
- 2005.08 [jeremiahgrossman] [after the GGAFL Grand Finals links](http://blog.jeremiahgrossman.com/2005/08/after-ggafl-grand-finals-links.html)
***
- [**790** stars][2y] [C++] [dor1s/libfuzzer-workshop](https://github.com/dor1s/libfuzzer-workshop) Repository for materials of "Modern fuzzing of C/C++ Projects" workshop.
- [**501** stars][12d] [Rust] [rust-fuzz/cargo-fuzz](https://github.com/rust-fuzz/cargo-fuzz) A wrapper for libFuzzer
- [**251** stars][6m] [C] [pagalaxylab/unifuzzer](https://github.com/PAGalaxyLab/uniFuzzer) A fuzzing tool for closed-source binaries based on Unicorn and LibFuzzer
- [**142** stars][1y] [C++] [guidovranken/libfuzzer-gv](https://github.com/guidovranken/libfuzzer-gv) Enhanced libFuzzer: new techniques for dramatically faster fuzzing
- [**58** stars][3y] [Shell] [ouspg/libfuzzerfication](https://github.com/ouspg/libfuzzerfication) libfuzzerfication - fuzzing for the rest of us!
- [**58** stars][9m] [C++] [mozillasecurity/libfuzzer-python-bridge](https://github.com/mozillasecurity/libfuzzer-python-bridge) A Python3 bridge for implementing custom libFuzzer mutators
- [**3** stars][2y] [C] [jcupitt/vips-libfuzzer](https://github.com/jcupitt/vips-libfuzzer) experiment with libfuzzer
- [**1** stars][11m] [C++] [butterflyhack/hunspell-crash](https://github.com/butterflyhack/hunspell-crash) find a crash by libfuzzer
- [**0** stars][21d] [C++] [rust-fuzz/libfuzzer-sys](https://github.com/rust-fuzz/libfuzzer-sys) ARCHIVED version of rust-fuzz/libfuzzer
- 2019.11 [freebuf] [uniFuzzer: a fuzzing tool for closed-source binaries based on Unicorn and LibFuzzer](https://www.freebuf.com/sectool/216771.html)
- 2019.08 [venus] [Emulation-based fuzzing built on Unicorn and LibFuzzer](https://paper.seebug.org/1002/)
- 2019.03 [4hou] [Structure-aware fuzzing with libFuzzer (Part 2)](https://www.4hou.com/technology/16633.html)
- 2019.03 [4hou] [Structure-aware fuzzing with libFuzzer (Part 1)](https://www.4hou.com/technology/16554.html)
- 2017.11 [SECConsult] [The Art of Fuzzing - Demo 3: LibFuzzer Demonstration](https://www.youtube.com/watch?v=I1bTf42CK6Q)
- 2017.07 [4hou] [A faster libFuzzer: libFuzzer-gv](http://www.4hou.com/tools/6190.html)
- 2017.07 [guidovranken] [libFuzzer-gv: new techniques for dramatically faster fuzzing](https://guidovranken.wordpress.com/2017/07/08/libfuzzer-gv-new-techniques-for-dramatically-faster-fuzzing/)
- 2017.07 [guidovranken] [Introduction to libFuzzer](https://guidovranken.com/2017/07/08/libfuzzer-gv-new-techniques-for-dramatically-faster-fuzzing/)
- 2017.07 [geeknik] [Quick and Dirty Guide to Fuzzing V8 with libFuzzer](http://www.geeknik.net/9t76jygu1)
- 2017.01 [da] [Finding Bugs in TensorFlow with LibFuzzer](https://da-data.blogspot.com/2017/01/finding-bugs-in-tensorflow-with.html)
- 2016.12 [insinuator] [TR17 Training: Fuzzing with American Fuzzy Lop, Address Sanitizer and LibFuzzer](https://insinuator.net/2016/12/tr17-training-fuzzing-with-american-fuzzy-lop-address-sanitizer-and-libfuzzer/)
***
- [**323** stars][26d] [Py] [mozillasecurity/dharma](https://github.com/mozillasecurity/dharma) Generation-based, context-free grammar fuzzer.
- 2019.02 [aliyun] [Implementing Fuzz Logics with Dharma](https://xz.aliyun.com/t/4045)
- 2019.01 [zerodayinitiative] [Implementing Fuzz Logics with Dharma](https://www.zerodayinitiative.com/blog/2019/1/31/implementing-fuzz-logics-with-dharma)
***
- [**282** stars][10m] [Py] [mozillasecurity/peach](https://github.com/mozillasecurity/peach) Peach is a fuzzing framework which uses a DSL for building fuzzers and an observer based architecture to execute and monitor them.
- [**70** stars][3y] [C] [payatu/emffuzzer](https://github.com/payatu/emffuzzer) Enhanced Meta File Fuzzer based on Peach Fuzzing Framework
- [**60** stars][3y] [Py] [sirusdv/edgehttp2fuzzer](https://github.com/sirusdv/edgehttp2fuzzer) Peach Pit for HTTP/2 Targeting Microsoft Edge
- [**48** stars][4m] [Py] [hatriot/peachorchard](https://github.com/hatriot/peachorchard) Peach Fuzzer Web Frontend
- [**44** stars][2m] [C] [tidesec/peach_fuzzing](https://github.com/tidesec/peach_fuzzing) Useful materials collected while learning to fuzz with Peach, along with accompanying software and scripts.
- [**39** stars][6y] [Py] [proteansec/fuzzyftp](https://github.com/proteansec/fuzzyftp) The FTP fuzzer for Sulley and Peach.
- [**29** stars][3y] [Py] [calebstewart/peach](https://github.com/calebstewart/peach) Simple vulnerability scanning framework
- [**25** stars][6y] [C#] [isecpartners/peachfarmer](https://github.com/isecpartners/peachfarmer) A log collector for Peach fuzzing in the cloud
- [**3** stars][3y] [Py] [o0xmuhe/filefmt_fuzz_with_peach](https://github.com/o0xmuhe/filefmt_fuzz_with_peach)
- [**2** stars][1y] [Java] [peachtech/peachapisec-burp](https://github.com/peachtech/peachapisec-burp) Peach API Security Burp Integration
- 2019.11 [freebuf] [Fuzzing with Peach: from getting started to giving up](https://www.freebuf.com/articles/ics-articles/219996.html)
- 2019.11 [freebuf] [Peach principles and practice: fuzzing a Web API as an example](https://www.freebuf.com/sectool/219584.html)
- 2018.10 [arxiv] [[1810.02066] Turning Lemons into Peaches using Secure Computation](https://arxiv.org/abs/1810.02066)
- 2017.08 [rootedconmadrid] [YIHAN LIAN & ZHIBIN HU - Smarter Peach: Add Eyes to Peach Fuzzer [Rooted CON 2017 - ENG]](https://www.youtube.com/watch?v=tivSuY6rJVg)
- 2017.03 [freebuf] [Translation of the official documentation for Peach Fuzzer, a smart fuzzing tool](http://www.freebuf.com/sectool/130191.html)
- 2016.12 [duo] [HTTP/2 Peach Pit for Microsoft Edge](https://duo.com/blog/http2-peach-pit-for-microsoft-edge)
- 2016.11 [freebuf] [A deep dive into file fuzzing tools: Peach in practice](http://www.freebuf.com/sectool/120650.html)
- 2016.08 [myonlinesecurity] [Voice Message from Outside Caller (3m 54s) Peach Telecom delivers #Locky /#Zepto](https://myonlinesecurity.co.uk/voice-message-from-outside-caller-3m-54s-peach-telecom-delivers-locky-zepto/)
- 2016.05 [freebuf] [PitGen: generate Peach Pits from 010 Editor templates](http://www.freebuf.com/sectool/103548.html)
- 2015.12 [freebuf] [Fuzzing industrial control network protocols: fuzzing Modbus with Peach](http://www.freebuf.com/articles/security-management/88249.html)
- 2015.10 [myonlinesecurity] [Invoice 1377 peachsoftware.co.uk – fake PDF malware](https://myonlinesecurity.co.uk/invoice-1377-peachsoftware-co-uk-fake-pdf-malware/)
- 2015.07 [nsfocus] [A brief analysis of Peach Fuzz](http://blog.nsfocus.net/peach-fuzz/)
- 2013.07 [pediy] [[Original] File fuzzing tutorial, part 4: Peach Pit template debugging tips](https://bbs.pediy.com/thread-176419.htm)
- 2013.07 [pediy] [[Original] File fuzzing tutorial, part 3: Peach in practice with the GIF file format](https://bbs.pediy.com/thread-176418.htm)
- 2013.07 [pediy] [[Original] File fuzzing tutorial, part 2: Peach syntax in practice](https://bbs.pediy.com/thread-176417.htm)
- 2013.07 [pediy] [[Original] File fuzzing tutorial, part 1: Introduction to Peach syntax](https://bbs.pediy.com/thread-176416.htm)
- 2011.12 [pediy] [[Original] Found another FeiQ bug with Peach, not sure if it's right](https://bbs.pediy.com/thread-144446.htm)
- 2011.04 [toolswatch] [Peach The Fuzzing Platform v2.3.8 released](http://www.toolswatch.org/2011/04/peach-the-fuzzing-platform-v2-3-8-released/)
- 2008.11 [trendmicro] [Malware Watch: Obama ‘Impeachment’ Spam](https://blog.trendmicro.com/trendlabs-security-intelligence/malware-watch-obama-impeachment-spam/)
***
- [**25** stars][3y] [C] [guilhermeferreira/spikepp](https://github.com/guilhermeferreira/spikepp) SPIKE is a protocol fuzzer creation kit. It provides an API that allows a user to create their own fuzzers for network based protocols using the C++ programming language. The tool defines a number of primitives that it makes available to C coders, which allows it to construct fuzzed messages called “SPIKES” that can be sent to a network service …
- 2018.08 [aliyun] [Automating the SPIKE fuzzer](https://xz.aliyun.com/t/2654)
- 2018.08 [aliyun] [Finding vulnerabilities with the SPIKE fuzzer](https://xz.aliyun.com/t/2652)
- 2017.06 [hackers] [Exploit Development, Part 3: Finding Vulnerabilities by Fuzzing with Spike](https://www.hackers-arise.com/single-post/2017/06/21/Exploit-Development-Part-3-Finding-Vulnerabilities-by-Fuzzing-with-Spike)
- 2011.12 [riusksk] [Network protocol fuzzing techniques based on SPIKE](http://riusksk.me/2011/12/30/spike-fuzz/)
- 2009.05 [pediy] [Summary of using SPIKE](https://bbs.pediy.com/thread-89181.htm)
- 2008.07 [pediy] [[Technical topic] Software vulnerability discovery, part 1: SPIKE](https://bbs.pediy.com/thread-68516.htm)
***
- [**548** stars][3m] [Py] [shellphish/driller](https://github.com/shellphish/driller) augmenting AFL with symbolic execution!
- [**66** stars][3y] [C] [shellphish/driller-afl](https://github.com/shellphish/driller-afl) A version of AFL tailored for Driller's use in analyzing CGC binaries.
- [**13** stars][1y] [Py] [cxm95/ida_wrapper](https://github.com/cxm95/ida_wrapper) An IDA_Wrapper for Linux, shipped with a Function Identifier. It works well with Driller on statically linked binaries.
***
- [**2748** stars][7d] [Go] [google/syzkaller](https://github.com/google/syzkaller) An unsupervised, coverage-guided Linux system call fuzzer
- 2019.06 [aliyun] [Kernel vulnerability discovery techniques series (4): syzkaller (5)](https://xz.aliyun.com/t/5401)
- 2019.05 [aliyun] [Kernel vulnerability discovery techniques series (4): syzkaller (4)](https://xz.aliyun.com/t/5223)
- 2019.05 [aliyun] [Kernel vulnerability discovery techniques series (4): syzkaller (3)](https://xz.aliyun.com/t/5154)
- 2019.05 [aliyun] [Kernel vulnerability discovery techniques series (4): syzkaller (2)](https://xz.aliyun.com/t/5098)
- 2019.05 [aliyun] [Kernel vulnerability discovery techniques series (4): syzkaller (1)](https://xz.aliyun.com/t/5079)
- 2019.04 [OffensiveCon] [OffensiveCon19 - Andrey Konovalov - Coverage-Guided USB Fuzzing with Syzkaller](https://www.youtube.com/watch?v=1MD5JV6LfxA)
- 2017.11 [n0where] [Unsupervised Coverage-Guided Kernel Fuzzer: syzkaller](https://n0where.net/unsupervised-coverage-guided-kernel-fuzzer-syzkaller)
- 2017.08 [freebuf] [Syzkaller: sharing a Linux kernel fuzzing tool](http://www.freebuf.com/sectool/142969.html)
- 2016.08 [vegardno] [Debugging a kernel crash found by syzkaller](http://www.vegardno.net/2016/08/sync-debug.html)
***
- [**4100** stars][7d] [Py] [google/clusterfuzz](https://github.com/google/clusterfuzz) Scalable fuzzing infrastructure
- 2019.02 [n0where] [Scalable Fuzzing Infrastructure: ClusterFuzz](https://n0where.net/scalable-fuzzing-infrastructure-clusterfuzz)
- 2012.04 [freebuf] [Google introduces the rigorous "ClusterFuzz" testing environment for Chrome](http://www.freebuf.com/news/283.html)
***
- [**4941** stars][7d] [C] [google/oss-fuzz](https://github.com/google/oss-fuzz) Continuous fuzzing of open source software
- [**23** stars][2y] [Shell] [aflgo/oss-fuzz](https://github.com/aflgo/oss-fuzz) OSS-Fuzz - integrated with AFLGo for Patch Testing
- 2019.01 [googleblog] [A new chapter for OSS-Fuzz](https://opensource.googleblog.com/2019/01/a-new-chapter-for-oss-fuzz.html)
- 2016.12 [alexgaynor] [OSS-Fuzz initial impressions](https://alexgaynor.net/2016/dec/03/oss-fuzz-initial-impressions/)
***
- [**86** stars][2y] [JS] [vspandan/ifuzzer](https://github.com/vspandan/ifuzzer)
***
- [**166** stars][3m] [F#] [softsec-kaist/codealchemist](https://github.com/softsec-kaist/codealchemist) Semantics-aware Code Generation for Finding JS engine Vulnerabilities
- 2019.03 [securitygossip] [CodeAlchemist: Semantics-Aware Code Generation to Find Vulnerabilities in JavaScript Engines](https://securitygossip.com/blog/2019/03/15/codealchemist-semantics-aware-code-generation-to-find-vulnerabilities-in-javascript-engines/)
- 2019.03 [sjtu] [CodeAlchemist: Semantics-Aware Code Generation to Find Vulnerabilities in JavaScript Engines](https://loccs.sjtu.edu.cn/gossip/blog/2019/03/15/codealchemist-semantics-aware-code-generation-to-find-vulnerabilities-in-javascript-engines/)
***
- [**1760** stars][15d] [C] [google/honggfuzz](https://github.com/google/honggfuzz) Security oriented fuzzer with powerful analysis options. Supports evolutionary, feedback-driven fuzzing based on code coverage (software- and hardware-based)
- [**165** stars][6m] [Rust] [rust-fuzz/honggfuzz-rs](https://github.com/rust-fuzz/honggfuzz-rs) Fuzz your Rust code with Google-developed Honggfuzz!
- 2019.06 [360] [Finding a double-free RCE vulnerability in VLC with honggfuzz](https://www.anquanke.com/post/id/181017/)
- 2019.06 [pentestpartners] [Double-Free RCE in VLC. A honggfuzz how-to](https://www.pentestpartners.com/security-blog/double-free-rce-in-vlc-a-honggfuzz-how-to/)
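- 2018.11 [pediy] [[Original] In-depth series on honggfuzz vulnerability discovery techniques](https://bbs.pediy.com/thread-247954.htm)
- 2018.10 [riusksk] [In-depth series on honggfuzz vulnerability discovery techniques (5): Intel Processor Trace](http://riusksk.me/2018/10/14/honggfuzz5/)
- 2018.10 [riusksk] [In-depth series on honggfuzz vulnerability discovery techniques (4): Extending the fuzzer](http://riusksk.me/2018/10/02/honggfuzz4/)
- 2018.09 [riusksk] [In-depth series on honggfuzz vulnerability discovery techniques (3): Fuzzing strategies](http://riusksk.me/2018/09/16/honggfuzz3/)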
- 2018.09 [tunnelshade] [Internals of Hongfuzz - Intel PT](https://tunnelshade.in/blog/2018/09/hongfuzz-intel-pt-instrumentation/)
- 2018.08 [riusksk] [In-depth series on honggfuzz vulnerability discovery techniques (2): Persistent Fuzzing](http://riusksk.me/2018/08/22/honggfuzz漏洞挖掘技术2/)
- 2018.07 [riusksk] [In-depth series on honggfuzz vulnerability discovery techniques (1): Feedback-Driven](http://riusksk.me/2018/07/29/honggfuzz漏洞挖掘技术1/)
- 2015.06 [n0where] [General Purpose Fuzzing: Honggfuzz](https://n0where.net/general-purpose-fuzzing-honggfuzz)
- 2010.12 [toolswatch] [honggfuzz easy-to-use fuzzer v0.1 released](http://www.toolswatch.org/2010/12/honggfuzz-easy-to-use-fuzzer-v0-1-released/)
***
- [**396** stars][8d] [Haskell] [crytic/echidna](https://github.com/crytic/echidna) Ethereum fuzz testing framework
- 2019.09 [freebuf] [Echidna: a powerful Ethereum fuzzing framework](https://www.freebuf.com/articles/blockchain-articles/211940.html)
- 2018.05 [trailofbits] [State Machine Testing with Echidna](https://blog.trailofbits.com/2018/05/03/state-machine-testing-with-echidna/)
- 2018.03 [trailofbits] [Introduction to Echidna](https://blog.trailofbits.com/2018/03/09/echidna-a-smart-fuzzer-for-ethereum/)
***
- [**292** stars][1y] [C++] [gamozolabs/applepie](https://github.com/gamozolabs/applepie) A hypervisor for fuzzing built with WHVP and Bochs
- 2019.11 [freebuf] [Applepie: a fuzzing tool that integrates WHVP and Bochs](https://www.freebuf.com/sectool/214263.html)
***
- [**154** stars][9y] [Shell] [spiderlabs/jboss-autopwn](https://github.com/spiderlabs/jboss-autopwn) A JBoss script for obtaining remote shell access
- [**122** stars][1y] [Shell] [mi-al/wifi-autopwner](https://github.com/mi-al/wifi-autopwner) script to automate searching and auditing Wi-Fi networks with weak security
- [**97** stars][2y] [Py] [danmcinerney/msf-autopwn](https://github.com/danmcinerney/msf-autopwn) Autoexploitation of some of the most common vulnerabilities in the wild
- [**89** stars][1y] [Shell] [rpranshu/autopwn](https://github.com/rpranshu/autopwn) A simple bash based metasploit automation tool!
- [**84** stars][1m] [Ruby] [hahwul/metasploit-autopwn](https://github.com/hahwul/metasploit-autopwn) db_autopwn plugin of metasploit
- [**77** stars][1m] [Py] [bannsec/autopwn](https://github.com/bannsec/autopwn) Automate repetitive tasks for fuzzing
- [**26** stars][2y] [Py] [danmcinerney/smb-autopwn](https://github.com/danmcinerney/smb-autopwn) Discovers and exploits hosts vulnerable to MS08-067/MS17-010
- [**23** stars][5y] [Py] [vnik5287/wpa-autopwn](https://github.com/vnik5287/wpa-autopwn) WPA/WPA2 autopwn script that parses captured handshakes and sends them to the Crackq
- [**11** stars][5y] [Shell] [christianpapathanasiou/jboss-autopwn](https://github.com/christianpapathanasiou/jboss-autopwn) JBoss Autopwn as featured at BlackHat Europe 2010 - this version incorporates CVE-2010-0738 the JBoss authentication bypass VERB manipulation vulnerability as discovered by Minded Security
- 2019.07 [freebuf] [autoPwn: a powerful framework for automating repetitive fuzzing tasks](https://www.freebuf.com/sectool/207484.html)
- 2016.01 [evilsocket] [Autopwn Every Android < 4.2 Device on Your Network Using BetterCap and the addJavascriptInterface Vulnerability.](https://www.evilsocket.net/2016/01/18/autopwn-every-android-device-on-your-network-using-bettercap-the-and-addjavascriptinterface-vulnerability/)
- 2015.07 [rapid7] [The New Metasploit Browser Autopwn: Strikes Faster and Smarter - Part 2](https://blog.rapid7.com/2015/07/16/the-new-metasploit-browser-autopwn-strikes-faster-and-smarter-part-2/)
- 2015.07 [rapid7] [The New Metasploit Browser Autopwn: Strikes Faster and Smarter - Part 1](https://blog.rapid7.com/2015/07/15/the-new-metasploit-browser-autopwn-strikes-faster-and-smarter-part-1/)
- 2013.02 [freebuf] [[Localized to Chinese and fixed] Penetration testing framework winAUTOPWN v3.2](http://www.freebuf.com/sectool/7451.html)
- 2012.11 [freebuf] [JBoss server penetration testing tool: JBoss Autopwn](http://www.freebuf.com/sectool/6112.html)
- 2012.10 [freebuf] [Penetration testing framework (Windows): winAUTOPWN v3.2 Released](http://www.freebuf.com/sectool/5860.html)
- 2012.04 [pentestlab] [Metasploit Browser Autopwn](https://pentestlab.blog/2012/04/23/metasploit-browser-autopwn/)
- 2011.10 [toolswatch] [winAUTOPWN v2.8 released](http://www.toolswatch.org/2011/10/winautopwn-v2-8-released/)
- 2011.03 [g0tmi1k] [Owning Windows (XP SP3 vs. Metasploit's File_autopwn)](http://blog.g0tmi1k.com/2011/03/owning-windows-xp-sp3-vs/)
- 2011.03 [toolswatch] [winAUTOPWN The Windows AutoHack Tool v2.6 released](http://www.toolswatch.org/2011/03/winautopwn-the-windows-autohack-tool-v2-6-released/)
- 2011.03 [toolswatch] [Pentesting Jboss servers with jboss-autopwn](http://www.toolswatch.org/2011/03/pentesting-jboss-servers-with-jboss-autopwn/)
- 2011.01 [g0tmi1k] [Owning Windows (XP SP2 vs. Metasploit's Browser_autopwn)](http://blog.g0tmi1k.com/2011/01/owning-windows-xp-sp2-vs/)
- 2011.01 [g0tmi1k] [Owning Windows (XP SP1 vs. Metasploit's Db_autopwn)](http://blog.g0tmi1k.com/2011/01/owning-windows-xp-sp1-vs/)
***
- [**3291** stars][2m] [Go] [dvyukov/go-fuzz](https://github.com/dvyukov/go-fuzz) Coverage-guided fuzzing solution for Go packages
- [**64** stars][5m] [Go] [dvyukov/go-fuzz-corpus](https://github.com/dvyukov/go-fuzz-corpus) Corpus for github.com/dvyukov/go-fuzz examples
- 2019.07 [twistlock] [Finding a DoS vulnerability in NATS with go-fuzz – CVE-2019-13126](https://www.twistlock.com/labs-blog/finding-dos-vulnerability-nats-go-fuzz-cve-2019-13126/)
- 2018.05 [parsiya] [Learning Go-Fuzz 2: goexif2](https://parsiya.net/blog/2018-05-05-learning-go-fuzz-2-goexif2/)
- 2018.04 [parsiya] [Learning Go-Fuzz 1: iprange](https://parsiya.net/blog/2018-04-29-learning-go-fuzz-1-iprange/)
- 2017.07 [mijailovic] [Going down the rabbit hole with go-fuzz](https://mijailovic.net/2017/07/29/go-fuzz/)
- 2015.11 [filippo] ["Automated Testing with go-fuzz" @ GothamGo](https://blog.filippo.io/automated-testing-with-go-fuzz-gothamgo/)
***
- [**938** stars][7d] [Py] [swisskyrepo/ssrfmap](https://github.com/swisskyrepo/ssrfmap) Automatic SSRF fuzzer and exploitation tool
- [**39** stars][1y] [Ruby] [dreadlocked/ssrfmap](https://github.com/dreadlocked/ssrfmap) Simple Server Side Request Forgery services enumeration tool.
- 2019.03 [freebuf] [SSRFmap: a powerful automatic SSRF fuzzing and exploitation tool](https://www.freebuf.com/sectool/197353.html)
***
- [**802** stars][8d] [Py] [jtpereyda/boofuzz](https://github.com/jtpereyda/boofuzz) Network protocol fuzzing framework, the successor to Sulley
- 2019.05 [aliyun] [A first look at BooFuzz](https://xz.aliyun.com/t/5155)
- 2019.01 [doyler] [Boofuzz Introduction – Installation and Basic Usage](https://www.doyler.net/security-not-included/boofuzz-introduction)
- 2017.04 [securestate] [Fuzzing with Boofuzz – Primer](https://warroom.securestate.com/fuzzing-boofuzz-primer/)
- 2017.04 [securestate] [Fuzzing with Boofuzz – Primer](https://warroom.rsmus.com/fuzzing-boofuzz-primer/)
- 2016.01 [n0where] [Network Protocol Fuzzing: boofuzz](https://n0where.net/network-protocol-fuzzing-boofuzz)
- [**1125** stars][12m] [Py] [openrce/sulley](https://github.com/openrce/sulley) A pure-python fully automated and unattended fuzzing framework.
- 2019.01 [fuzzysecurity] [Installing Sulley on Windows](http://fuzzysecurity.com/tutorials/10.html)
- 2018.08 [aliyun] [Sulley fuzzer learning---5](https://xz.aliyun.com/t/2612)
- 2018.08 [aliyun] [Sulley fuzzer learning---4](https://xz.aliyun.com/t/2601)
- 2018.08 [aliyun] [Sulley fuzzer learning---3](https://xz.aliyun.com/t/2592)
- 2018.08 [aliyun] [Sulley fuzzer learning---2](https://xz.aliyun.com/t/2575)
- 2018.08 [aliyun] [Sulley fuzzer learning---4](https://xz.aliyun.com/t/2568)
- 2018.08 [aliyun] [Sulley fuzzer learning---3](https://xz.aliyun.com/t/2566)
- 2018.08 [aliyun] [Sulley fuzzer learning---2](https://xz.aliyun.com/t/2565)
- 2018.08 [aliyun] [Sulley fuzzer learning---1](https://xz.aliyun.com/t/2564)
- 2014.08 [3xp10it] [quick start sulley](http://3xp10it.cc/%E4%BA%8C%E8%BF%9B%E5%88%B6/2016/07/28/quick-start-sulley/)
- 2013.05 [htbridge] [Fuzzing: An introduction to Sulley Framework](https://www.htbridge.com/blog/fuzzing_an_introduction_to_sulley_framework.html)
- 2011.06 [pediy] [[Translation] Sulley network protocol fuzzing documentation](https://bbs.pediy.com/thread-135764.htm)
- 2008.12 [pediy] [[Original] Simple vulnerability discovery with the Sulley framework](https://bbs.pediy.com/thread-78978.htm)
***
- [**1123** stars][2y] [aoh/radamsa](https://github.com/aoh/radamsa) a general-purpose fuzzer
- [**122** stars][2y] [Py] [blazeinfosec/pcrappyfuzzer](https://github.com/blazeinfosec/pcrappyfuzzer) A simple combination of Scapy and radamsa that extracts data from pcap files for quick fuzzing
- [**71** stars][2y] [Java] [ikkisoft/bradamsa](https://github.com/ikkisoft/bradamsa) Burp Suite extension to generate Intruder payloads using Radamsa
- [**52** stars][1m] [C] [anestisb/radamsa-android](https://github.com/anestisb/radamsa-android) An Android port of radamsa fuzzer
- [**43** stars][8m] [Erlang] [darkkey/erlamsa](https://github.com/darkkey/erlamsa) Erlang port of the famous radamsa fuzzer.
- [**40** stars][1y] [scheme] [aki helin/radamsa](https://gitlab.com/akihe/radamsa) a general-purpose fuzzer
- [**19** stars][7y] [raz0r/burp-radamsa](https://github.com/raz0r/burp-radamsa) Radamsa fuzzer extension for Burp Suite
- [**8** stars][2y] [Py] [lokori/heartbreaker](https://github.com/lokori/heartbreaker) HeartBreaker, GUI for Radamsa
- [**6** stars][12d] [Java] [nscuro/bradamsa-ng](https://github.com/nscuro/bradamsa-ng) Burp Suite extension for Radamsa-powered fuzzing with Intruder
- [**0** stars][1m] [TS] [rarecoil/sinkdweller](https://github.com/rarecoil/sinkdweller) A TypeScript-based frontend to the radamsa fuzzer. No dependencies on most platforms.
- 2017.07 [pediy] [[Translation] Fuzzing proprietary protocols with Scapy, radamsa and a handful of plaintext packets](https://bbs.pediy.com/thread-219994.htm)
- 2016.11 [n0where] [What the Fuzz: Radamsa](https://n0where.net/what-the-fuzz-radamsa)
- 2016.05 [n0where] [General Purpose Fuzzer: Radamsa](https://n0where.net/general-purpose-fuzzer-radamsa)
- 2013.06 [raz0r] [Radamsa Fuzzer Extension for Burp Suite](https://raz0r.name/releases/burp-radamsa/)
***
- [**1337** stars][19d] [Go] [ffuf/ffuf](https://github.com/ffuf/ffuf) Fast web fuzzer written in Go
- 2019.12 [hakin9] [Ffuf - A fast web fuzzer written in Go](https://hakin9.org/ffuf-a-fast-web-fuzzer-written-in-go/)
***
- [**1112** stars][2