Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Fuzzing/Fuzz testing

Fuzzing, or fuzz testing, is an automated black-box software testing technique that feeds invalid, unexpected, or random data to a program as input and evaluates how the program reacts.

https://github.com/r1cksec/cheatsheets

Collection of knowledge about information security

active-directory bash cheatsheets fuzzing linux pentest powershell redteam snippets windows

Last synced: 05 Nov 2024

https://github.com/sslab-gatech/winnie

Winnie is an end-to-end system that makes fuzzing Windows applications easy

afl-fuzz fuzzing winafl windows

Last synced: 22 Dec 2024

https://github.com/ex0dus-0x/fuzzable

Framework for Automating Fuzzable Target Discovery with Static Analysis.

binary-analysis fuzzing reverse-engineering security security-tools static-analysis

Last synced: 23 Dec 2024

https://github.com/MozillaSecurity/dharma

Generation-based, context-free grammar fuzzer. Refer to https://github.com/posidron/dharma for a maintained version.

context-free fuzzer fuzzing generation grammar python random

Last synced: 09 Nov 2024

https://github.com/mozillasecurity/dharma

Generation-based, context-free grammar fuzzer. Refer to https://github.com/posidron/dharma for a maintained version.

context-free fuzzer fuzzing generation grammar python random

Last synced: 03 Nov 2024

https://github.com/mrash/afl-cov

Produce code coverage results with gcov from afl-fuzz test cases

afl-fuzz code-coverage fuzzing gcov

Last synced: 21 Dec 2024

https://github.com/intel/kernel-fuzzer-for-xen-project

Kernel Fuzzer for Xen Project (KF/x) - Hypervisor-based fuzzing using Xen VM forking, VMI & AFL

afl fuzzing hypervisor linux-kernel xen

Last synced: 28 Sep 2024

https://google.github.io/clusterfuzzlite/

ClusterFuzzLite - Simple continuous fuzzing that runs in CI.

ci continuous-integration fuzz-testing fuzzing security vulnerabilities

Last synced: 14 Nov 2024

https://github.com/google/clusterfuzzlite

ClusterFuzzLite - Simple continuous fuzzing that runs in CI.

ci continuous-integration fuzz-testing fuzzing security vulnerabilities

Last synced: 06 Nov 2024

https://github.com/loiclec/fuzzcheck-rs

Modular, structure-aware, and feedback-driven fuzzing engine for Rust functions

coverage-guided-fuzzing fuzzer fuzzing grammar-fuzzer property-based-testing rust testing

Last synced: 03 Nov 2024

https://github.com/cisco-sas/kitty

Fuzzing framework written in python

fuzzing security

Last synced: 03 Nov 2024

https://github.com/rust-fuzz/trophy-case

🏆 Collection of bugs uncovered by fuzzing Rust code

fuzz-testing fuzzing rust trophies

Last synced: 22 Dec 2024

https://github.com/rc0r/afl-utils

Utilities for automated crash sample processing/analysis, easy afl-fuzz job management and corpus optimization

afl automation crash-reporting fuzzer fuzzing job-management python-3 security triage

Last synced: 28 Sep 2024

https://github.com/uds-se/formatfuzzer

FormatFuzzer is a framework for high-efficiency, high-quality generation and parsing of binary inputs.

binary fuzzer fuzzing inputs parsing testing

Last synced: 24 Dec 2024

https://github.com/xsscx/commodity-injection-signatures

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

burp burpsuite exploit fuzzing header html http injection injection-signatures input javascript malicious poc random rce xss

Last synced: 23 Dec 2024

https://github.com/xsscx/Commodity-Injection-Signatures

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

burp burpsuite exploit fuzzing header html http injection injection-signatures input javascript malicious poc random rce xss

Last synced: 21 Nov 2024

https://github.com/ossf/fuzz-introspector

Fuzz Introspector -- introspect, extend and optimise fuzzers

fuzz-testing fuzzing security security-research testing vulnerability-analysis

Last synced: 22 Dec 2024

https://github.com/ucsb-seclab/difuze

Fuzzer for Linux Kernel Drivers

android fuzzing kernel vulnerability-detection

Last synced: 03 Nov 2024

https://github.com/jwilk/python-afl

American Fuzzy Lop fork server and instrumentation for pure-Python code

fuzzing security

Last synced: 23 Dec 2024

https://github.com/LyleMi/papers

Academic papers and articles that I read related to web hacking, fuzzing, etc. / Papers and reading notes on web security and fuzzing that I have read

awesome fuzzing papers read-papers reading-notes security

Last synced: 21 Nov 2024

https://github.com/owasp-dep-scan/blint

BLint is a Binary Linter to check the security properties, and capabilities in your executables. Since v2, blint is also an SBOM generator for binaries.

binary cyclonedx depscan fuzzing malware sbom supply-chain-analytics supply-chain-security

Last synced: 14 Nov 2024

https://github.com/strongcourage/uafuzz

UAFuzz: Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities

fuzzing

Last synced: 21 Nov 2024

https://github.com/andreafioraldi/qasan

QASan is a custom QEMU 3.1.1 that detects memory errors in the guest using AddressSanitizer.

fuzzing sanitization

Last synced: 15 Oct 2024

https://github.com/d4rckh/vaf

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

bruteforce bug-bounty bugbounty burpsuite fuzzer fuzzing hacking hacking-tools nim penetration-testing pentest-tool recon security-tools vaf web xss

Last synced: 03 Nov 2024

https://github.com/hugsy/cfb

Canadian Furious Beaver is a ProcMon-style tool designed only for capturing IRPs sent to any Windows driver.

fuzzing hooking irp irp-monitor kernel vulnerability-research windows windows-driver

Last synced: 23 Dec 2024

https://github.com/hugsy/CFB

Canadian Furious Beaver is a ProcMon-style tool designed only for capturing IRPs sent to any Windows driver.

fuzzing hooking irp irp-monitor kernel vulnerability-research windows windows-driver

Last synced: 21 Nov 2024

https://github.com/rootup/bfuzz

Fuzzing Browsers

browsers domato fuzzing fuzzing-framework

Last synced: 12 Nov 2024

https://github.com/RootUp/BFuzz

Fuzzing Browsers

browsers domato fuzzing fuzzing-framework

Last synced: 01 Nov 2024

https://github.com/RapidDNS/Afuzz

Afuzz is an automated web path fuzzing tool for the Bug Bounty projects.

bugbounty fuzzing pentest pentest-tool pentesting security-tools

Last synced: 21 Nov 2024

https://github.com/zer0yu/berserker

A list of useful payloads for Web Application Security and Pentest/CTF

ctf fuzzing intruder pentest scanner sqli web-application xss xxe

Last synced: 23 Dec 2024

https://github.com/mindpatch/lorsrf

Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load 🛰️ 🦀

blindssrf bruteforce bugbounty fuzzing hacking penetration-testing pentesting rust ssrf websecurity

Last synced: 23 Dec 2024

https://github.com/codeintelligencetesting/jazzer.js

Coverage-guided, in-process fuzzing for Node.js

fuzzer fuzzing javascript nodejs security testing typescript

Last synced: 22 Dec 2024

https://github.com/HexHive/magma

A ground-truth fuzzing benchmark suite based on real programs with real bugs.

benchmark fuzzing

Last synced: 18 Nov 2024

https://github.com/CodeIntelligenceTesting/jazzer.js

Coverage-guided, in-process fuzzing for Node.js

fuzzer fuzzing javascript nodejs security testing typescript

Last synced: 14 Nov 2024

https://github.com/zer0yu/Berserker

A list of useful payloads for Web Application Security and Pentest/CTF

ctf fuzzing intruder pentest scanner sqli web-application xss xxe

Last synced: 25 Oct 2024

https://github.com/ajinabraham/Droid-Application-Fuzz-Framework

Android application fuzzing framework with fuzzers and crash monitor.

android browser corruption crash exploitation fuzzing memory pdf vulnerability

Last synced: 13 Nov 2024

https://github.com/MindPatch/lorsrf

Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load 🛰️ 🦀

blindssrf bruteforce bugbounty fuzzing hacking penetration-testing pentesting rust ssrf websecurity

Last synced: 03 Nov 2024

https://github.com/ajinabraham/droid-application-fuzz-framework

Android application fuzzing framework with fuzzers and crash monitor.

android browser corruption crash exploitation fuzzing memory pdf vulnerability

Last synced: 17 Dec 2024

https://github.com/hexhive/magma

A ground-truth fuzzing benchmark suite based on real programs with real bugs.

benchmark fuzzing

Last synced: 12 Nov 2024

https://project-oak.github.io/rust-verification-tools/

RVT is a collection of tools/libraries to support both static and dynamic verification of Rust programs.

fuzzing klee proptest rust seahorn verification

Last synced: 16 Nov 2024

https://github.com/project-oak/rust-verification-tools

RVT is a collection of tools/libraries to support both static and dynamic verification of Rust programs.

fuzzing klee proptest rust seahorn verification

Last synced: 09 Nov 2024

https://github.com/charmve/ble-security-attack-defence

✨ Purpose only! The dangers of Bluetooth Low Energy (BLE) implementations: Unveiling zero day vulnerabilities and security flaws in modern Bluetooth LE stacks.

ble ble-security bluefuzz bluetooth-fuzz bluetooth-le bluetooth-low-energy bluetooth-stack bluetoothle fuzzing hacking reverse reverse-proxy stack vulnerability wireless

Last synced: 24 Dec 2024

https://github.com/Charmve/BLE-Security-Attack-Defence

✨ Purpose only! The dangers of Bluetooth Low Energy (BLE) implementations: Unveiling zero day vulnerabilities and security flaws in modern Bluetooth LE stacks.

ble ble-security bluefuzz bluetooth-fuzz bluetooth-le bluetooth-low-energy bluetooth-stack bluetoothle fuzzing hacking reverse reverse-proxy stack vulnerability wireless

Last synced: 21 Nov 2024

https://github.com/microsoft/rest-api-fuzz-testing

REST API Fuzz Testing (RAFT): Source code for self-hosted service developed for Azure, including the API, orchestration engine, and default set of security tools (including MSR's RESTler), that enables developers to embed security tooling into their CI/CD workflows

api devops fuzz fuzzing fuzzing-framework rest rest-api

Last synced: 21 Nov 2024

https://github.com/anmolksachan/TheTimeMachine

Weaponizing WaybackUrls for Recon, BugBounties, OSINT, Sensitive Endpoints and what not

automate bugbounty fuzzer fuzzing jira lfi openredirect osint parameter scanner xss

Last synced: 10 Sep 2024

https://github.com/d0c-s4vage/gramfuzz

gramfuzz is a grammar-based fuzzer that lets one define complex grammars to generate text and binary data formats.

complex-grammars fuzzer fuzzing grammar parsing

Last synced: 23 Dec 2024

https://github.com/xyntax/filesensor

Dynamic file detection tool based on crawler / Crawler-based dynamic sensitive file detection tool

crawler fuzzing pentesting scrapy

Last synced: 18 Dec 2024

https://github.com/intel/tsffs

A snapshotting, coverage-guided fuzzer for software (UEFI, Kernel, firmware, BIOS) built on SIMICS

fuzzing rust security simics

Last synced: 18 Nov 2024

https://github.com/alphaSeclab/fuzzing-stuff

Resources About Fuzzing, For Multiple Platforms And All Popular Fuzzers. 500+ Open Source Tools Sorted By Star Count, 800+ Blog Posts Sorted By Publish Time.

afl american-fuzzy-lop fuzzing go-fuzz libfuzzer oss-fuzz peach syzkaller winafl

Last synced: 21 Nov 2024

https://github.com/trailofbits/mishegos

A differential fuzzer for x86 decoders

fuzzing hacktoberfest x86

Last synced: 17 Dec 2024

https://github.com/ispras/casr

Collect crash (or UndefinedBehaviorSanitizer error) reports, triage, and estimate severity.

afl aflplusplus apport appsec coredump crash crash-reporting devsecops dynamic-analysis exploitable fuzzing gdb libfuzzer rust sdl security ssdlc testing triage vulnerability-management

Last synced: 18 Dec 2024

https://github.com/aflplusplus/grammar-mutator

A grammar-based custom mutator for AFL++

afl afl-fuzz aflplusplus fuzzing grammar-fuzzer

Last synced: 18 Dec 2024

https://github.com/alphaseclab/fuzzing-stuff

Resources About Fuzzing, For Multiple Platforms And All Popular Fuzzers. 500+ Open Source Tools Sorted By Star Count, 800+ Blog Posts Sorted By Publish Time.

afl american-fuzzy-lop fuzzing go-fuzz libfuzzer oss-fuzz peach syzkaller winafl

Last synced: 09 Nov 2024

https://github.com/AFLplusplus/Grammar-Mutator

A grammar-based custom mutator for AFL++

afl afl-fuzz aflplusplus fuzzing grammar-fuzzer

Last synced: 21 Nov 2024

https://github.com/carlospolop/fuzzhttpbypass

This tool uses fuzzing to try to bypass unknown authentication methods, who knows...

authentication bypass fuzzing http wfuzz

Last synced: 18 Dec 2024

https://github.com/FuzzAnything/Hopper

Hopper is a tool for generating fuzzing test cases for libraries automatically using interpretative fuzzing.

afl api-testing binary fuzz-driver fuzzer fuzzing fuzzing-framework interpreter library-testing rust security testing

Last synced: 09 Nov 2024

https://github.com/fuzzitdev/fuzzit

CLI to integrate continuous fuzzing with Fuzzit (no longer available)

fuzz-testing fuzzing fuzzit security vulnerability

Last synced: 21 Nov 2024

https://github.com/rust-fuzz/libfuzzer

Rust bindings and utilities for LLVM’s libFuzzer

fuzz-testing fuzzing libfuzzer rust

Last synced: 14 Dec 2024

https://github.com/softsec-kaist/fuzzing-survey

The Art, Science, and Engineering of Fuzzing: A Survey

fuzzer fuzzing genealogy-database visualization

Last synced: 20 Dec 2024

https://github.com/sslab-gatech/janus

Janus: a state-of-the-art file system fuzzer on Linux

btrfs ext4 f2fs filesystem fuzzer fuzzing lkl

Last synced: 12 Nov 2024

https://github.com/SoftSec-KAIST/Fuzzing-Survey

The Art, Science, and Engineering of Fuzzing: A Survey

fuzzer fuzzing genealogy-database visualization

Last synced: 16 Nov 2024

https://github.com/ackee-blockchain/trident

Rust-based framework to Fuzz Solana programs, designed to help you ship secure code.

anchor fuzz fuzz-testing fuzzer fuzzing rust solana

Last synced: 21 Dec 2024

https://github.com/profuzzbench/profuzzbench

ProFuzzBench - A Benchmark for Stateful Protocol Fuzzing

benchmarking fuzzing security

Last synced: 18 Nov 2024

https://github.com/trailofbits/siderophile

Find the ideal fuzz targets in a Rust codebase

fuzzing program-analysis rust security-testing

Last synced: 21 Dec 2024

https://github.com/rubilmax/foundry-gas-diff

🛠️ Easily track & compare gas costs estimated by Foundry on each of your Pull Requests!

action actions evm forge foundry fuzzing gas github optimization performance report solidity testing tracking

Last synced: 17 Dec 2024

https://github.com/Rubilmax/foundry-gas-diff

🛠️ Easily track & compare gas costs estimated by Foundry on each of your Pull Requests!

action actions evm forge foundry fuzzing gas github optimization performance report solidity testing tracking

Last synced: 18 Nov 2024

https://github.com/epi052/feroxfuzz

A structure-aware HTTP fuzzing library

fuzzing hacktoberfest http testing

Last synced: 21 Dec 2024

https://github.com/zhangzhuosjtu/stochfuzz

Sound and Cost-effective Fuzzing of Stripped Binaries by Incremental and Stochastic Rewriting

afl binary-rewriting fuzzing

Last synced: 19 Dec 2024

https://github.com/Ackee-Blockchain/trident

Rust-based framework to Fuzz and Integration test Solana programs to help you ship secure code.

anchor fuzz fuzz-testing fuzzer fuzzing rust solana

Last synced: 13 Oct 2024

https://github.com/ZhangZhuoSJTU/StochFuzz

Sound and Cost-effective Fuzzing of Stripped Binaries by Incremental and Stochastic Rewriting

afl binary-rewriting fuzzing

Last synced: 21 Nov 2024

https://github.com/nescau-ufla/fuzzingtool

Software for fuzzing, used in web application pentesting.

bruteforce fuzzer fuzzing pentesting-tools python3 web web-fuzzer

Last synced: 22 Dec 2024

https://github.com/kazet/wpgarlic

A proof-of-concept WordPress plugin fuzzer

fuzzing security security-tools testing wordpress

Last synced: 09 Nov 2024

https://github.com/efchatz/wpaxfuzz

A full-featured open-source Wi-Fi fuzzer

dos exploit fuzzing sae wpa2 wpa3

Last synced: 21 Dec 2024

https://github.com/efchatz/WPAxFuzz

A full-featured open-source Wi-Fi fuzzer

dos exploit fuzzing sae wpa2 wpa3

Last synced: 07 Nov 2024

https://github.com/youki992/VscanPlus

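[VscanPlus internal and external network vulnerability scanning tool] Updated with detection POCs for popular HW vulnerabilities. A version developed on top of veo's vulnerability scanner vscan, with port scanning, fingerprint detection, directory fuzzing and vulnerability scanning features, for fast batch detection of website security risks. An open-source, cross-platform website vulnerability scanning tool that helps you quickly detect website security vulnerabilities.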

fingerprint fuzzing nuclei portscan security sql-injection xray

Last synced: 10 Sep 2024

https://github.com/samsung/utopia

UT based automated fuzz driver generation

code-generation fuzzing

Last synced: 23 Dec 2024

https://github.com/shnatsel/libdiffuzz

Custom memory allocator that helps discover reads from uninitialized memory

fuzz-testing fuzzing memory-allocator sanitizer security security-audit security-testing security-tools

Last synced: 27 Oct 2024

https://github.com/Shnatsel/libdiffuzz

Custom memory allocator that helps discover reads from uninitialized memory

fuzz-testing fuzzing memory-allocator sanitizer security security-audit security-testing security-tools

Last synced: 03 Nov 2024

https://github.com/k0retux/fuddly

Fuzzing and Data Manipulation Framework (for GNU/Linux)

data-manipulation framework fuzzing python security

Last synced: 09 Nov 2024

https://github.com/galli-leo/emmutaler

A set of tools for fuzzing SecureROM. Managed to find and trigger checkm8.

checkm8 fuzzing ios securerom

Last synced: 21 Nov 2024

https://github.com/npryce/snodge

Randomly mutate JSON, XML, HTML forms, text and binary data for fuzz testing

binary forms fuzz-testing fuzzing javascript json jvm kotlin kotlin-library test-driven-development testing text xml

Last synced: 18 Dec 2024

https://github.com/0xf4b1/bsod-kernel-fuzzing

BSOD: Binary-only Scalable fuzzing Of device Drivers

fuzzing kernel qemu

Last synced: 27 Oct 2024