Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/mozillasecurity/octo

A fuzzing library in JavaScript. ✨
https://github.com/mozillasecurity/octo

browser fuzzing fuzzing-framework generators library node random

Last synced: about 1 month ago
JSON representation

A fuzzing library in JavaScript. ✨

Host: GitHub
URL: https://github.com/mozillasecurity/octo
Owner: MozillaSecurity
License: mpl-2.0
Created: 2017-04-06T09:21:05.000Z (over 7 years ago)
Default Branch: master
Last Pushed: 2024-02-08T19:46:54.000Z (7 months ago)
Last Synced: 2024-04-14T20:06:10.273Z (5 months ago)
Topics: browser, fuzzing, fuzzing-framework, generators, library, node, random
Language: JavaScript
Homepage:
Size: 5.16 MB
Stars: 116
Watchers: 14
Forks: 19
Open Issues: 6
Metadata Files:
- Readme: README.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md

Awesome Lists containing this project

README

        


  





A unified shared library which aids in building fuzzers for browsers or as complement for an already existing fuzzing framework.











   



Octo.js bundles core functions and generic boilerplate code commonly used in most frameworks for fuzzing browsers. It is designed for the sharing of improvements between our individual fuzzers, and with the purpose of reducing the maintainability of those core features with minimal effort.

Octo's future aims to be a stable, well-tested and well-documented standard library for fuzzing in a JavaScript environment.

## Table of Contents

- [Table of Contents](#table-of-contents)

  - [Playbook](#playbook)

  - [Usage in Node](#usage-in-node)

  - [Usage in Browser](#usage-in-browser)

  - [Development](#development)

  - [Testing](#testing)

  - [API Documentation](#api-documentation)

  - [What do the developers say?](#what-do-the-developers-say)

### Playbook

https://npm.runkit.com/@mozillasecurity/octo

### Usage in Node

```

yarn add @mozillasecurity/octo

```

```js

const { random, make } = require("@mozillasecurity/octo");

random.init();

// Common Operations

make.number.any();

make.text.any();

// WebCrypto

make.crypto.randomAlgorithm();

// WebGL

make.webgl.randomSamplerParameter();

```

Take a look into the API documentation for further use cases.

### Usage in the Browser

```

yarn install

yarn build

```

A bundled production build (`octo.js`) is placed into the local `dist` directory.

### Development

```

yarn lint

yarn test

yarn build

```

### Testing

Octo.js uses Jest for testing. Each directory should contain a `__tests__` folder containing the tests.

```

yarn test

```

### API Documentation

- https://mozillasecurity.github.io/octo

or

```

yarn docs

```

### What do the developers say?

- [Divide-by-zero in [@webrtc::I420Buffer::CropAndScaleFrom]](https://bugzilla.mozilla.org/show_bug.cgi?id=1490700#c1)

  > Impressive that the fuzzer found such a high multiple of 65536. I'd expect it to start with common edge cases like -1, 0, 1, etc.