https://github.com/langston-barrett/czz

Whole-program, Scheme-scriptable, multi-language, coverage-guided fuzzer
fuzzing scheme

===
czz
===

..
  This paragraph is duplicated in the README and index.rst.

czz is a *whole-program*, *scriptable*, *multi-language*, coverage-guided
fuzzer.

*Whole-program*: Instead of feeding input to the target program via a file or
stdin, czz executes the target from ``main`` and provides it with manufactured
data by intercepting calls to library functions like ``recv``, ``fopen``, and
``rand``. This approach does not require users to write a fuzzing harness and
can exercise effectful, non-deterministic code that is not amenable to
traditional fuzzing techniques.

*Scriptable*: czz can be scripted in Scheme. Capabilities include overriding
the behavior of functions in the target program, e.g., to make a checksum
function always pass. Use cases that we plan to support in the future include
writing custom power schedules and mutations.

*Multi-language*: czz currently targets languages that compile to LLVM (e.g.,
C, C++, and Rust), but is built on the language-agnostic Crucible library, and
also includes a proof-of-concept fuzzer for JVM code. WebAssembly support is
planned.

See the documentation for more information about czz.