Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Fuzzing/Fuzz testing
Fuzzing or fuzz testing is an automated software black box testing technique that evaluates the program’s reaction to providing invalid, unexpected, or random data as inputs to a computer program.
- GitHub: https://github.com/topics/fuzzing
- Wikipedia: https://en.wikipedia.org/wiki/Fuzzing
- Created by: Barton Miller
- Released: September 1988
- Related Topics: stress-testing, fault-injection, monkey-testing, random-testing, security-testing, test-automation, mutation-testing, cicd, black-box-testing,
- Aliases: fuzz-testing, api-fuzzing,,
- Last updated: 2024-12-25 00:11:07 UTC
- JSON Representation
https://github.com/elceef/subzuf
a smart DNS response-guided subdomain fuzzer
dns fuzzing subdomain-enumeration
Last synced: 26 Dec 2024
https://github.com/softsec-kaist/eclipser
Grey-box Concolic Testing on Binary Code (ICSE '19)
concolic-testing fsharp fuzzer fuzzing testcase-generator
Last synced: 14 Nov 2024
https://github.com/SoftSec-KAIST/Eclipser
Grey-box Concolic Testing on Binary Code (ICSE '19)
concolic-testing fsharp fuzzer fuzzing testcase-generator
Last synced: 09 Nov 2024
https://github.com/softsec-kaist/smartian
Smartian: Enhancing Smart Contract Fuzzing with Static and Dynamic Data-Flow Analyses (ASE '21)
fsharp fuzzer fuzzing smart-contract-testing static-analyzer
Last synced: 19 Dec 2024
https://github.com/ksharinarayanan/SourceWolf
Amazingly fast response crawler to find juicy stuff in the source code! 😎🔥
automation broken-link-hijacking bugbounty fuzzing osint reconnaissance wordlist
Last synced: 09 Nov 2024
https://github.com/quarkslab/samsung-trustzone-research
Reverse-engineering tools and exploits for Samsung's implementation of TrustZone
bindings emulation exploitation fuzzing kinibi reverse-engineering samsung tooling trustzone
Last synced: 10 Nov 2024
https://github.com/MichaelStott/CRLF-Injection-Scanner
Command line tool for testing CRLF injection on a list of domains.
bugbounty cli crlf fuzzer fuzzing security-vulnerability
Last synced: 24 Oct 2024
https://github.com/michaelstott/crlf-injection-scanner
Command line tool for testing CRLF injection on a list of domains.
bugbounty cli crlf fuzzer fuzzing security-vulnerability
Last synced: 01 Nov 2024
https://github.com/YasserGersy/cazador_unr
Hacking tools
automation bugbounty bugcrowd bughunting csrf directory-lister dns fuzzing hackerone hacking http information-gathering-tools owasp poc pocgenerator rce sqli subdomains tcp xss
Last synced: 21 Nov 2024
https://github.com/0xricksanchez/fisy-fuzz
This is the full file system fuzzing framework that I presented at the Hack in the Box 2020 Lockdown Edition conference in April.
filesystem freebsd fuzzer fuzzing kernel kernel-panic kernels netbsd openbsd panic security-tools
Last synced: 10 Oct 2024
https://github.com/sslab-gatech/archeap
ArcHeap: Automatic Techniques to Systematically Discover New Heap Exploitation Primitives
Last synced: 05 Nov 2024
https://github.com/andresriancho/websocket-fuzzer
HTML5 WebSocket message fuzzer
appsec fuzzing html5 websocket
Last synced: 14 Nov 2024
https://github.com/epi052/fuzzing-101-solutions
Companion repository to the Fuzzing101 with LibAFL series of blog posts.
fuzzing hacktoberfest libafl rust
Last synced: 27 Oct 2024
https://github.com/aflplusplus/afl-snapshot-lkm
A Linux Kernel Module that implements a fast snapshot mechanism for fuzzing.
Last synced: 11 Nov 2024
https://github.com/Riscure/optee_fuzzer
This repository contains the code for a fuzzing prototype for the OP-TEE system call interface using AFL.
afl fuzzing op-tee trusted-execution-environment
Last synced: 01 Nov 2024
https://github.com/refIekt/reflekt
Reflective testing.
fuzzing generative reflection reflective-testing reflekt testing
Last synced: 24 Nov 2024
https://github.com/rootup/personalstuff
Upload files done during my research.
afl-fuzz fuzzing inputzero tcpdump telegram vulnerabilities
Last synced: 21 Dec 2024
https://github.com/ise-uiuc/nnsmith
Automatic DNN generation for fuzzing and more
compiler deep-learning fuzzing machine-learning pytorch tensorflow
Last synced: 24 Dec 2024
https://github.com/HexHive/FuZZan
FuZZan: Efficient Sanitizer Metadata Design for Fuzzing
addresssanitizer fuzzing sanitizer
Last synced: 21 Nov 2024
https://github.com/hexhive/fuzzan
FuZZan: Efficient Sanitizer Metadata Design for Fuzzing
addresssanitizer fuzzing sanitizer
Last synced: 12 Nov 2024
https://github.com/mozillasecurity/octo
A fuzzing library in JavaScript. ✨
browser fuzzing fuzzing-framework generators library node random
Last synced: 18 Nov 2024
https://rust-fuzz.github.io/book/
📖 Guides and tutorials on how to fuzz Rust code
documentation fuzz-testing fuzzing rust
Last synced: 25 Oct 2024
https://github.com/rust-fuzz/book
📖 Guides and tutorials on how to fuzz Rust code
documentation fuzz-testing fuzzing rust
Last synced: 19 Dec 2024
https://github.com/microsoft/sca-fuzzer
Revizor - a fuzzer to search for microarchitectural leaks in CPUs
fuzzing meltdown security side-channel spectre-vulnerability
Last synced: 23 Dec 2024
https://github.com/agroce/afl-compiler-fuzzer
Variation of american fuzzy lop for testing compilers
afl afl-fuzz compiler-testing fuzzing fuzzing-compilers
Last synced: 27 Oct 2024
https://github.com/FuzzingLabs/cairo-fuzzer
Cairo/Starknet smart contract fuzzer
cairo cairo-lang fuzzer fuzzing starknet
Last synced: 14 Nov 2024
https://github.com/seemoo-lab/virtfuzz
VirtFuzz is a Linux Kernel Fuzzer that uses VirtIO to provide inputs into the kernels subsystem. It is built with LibAFL.
Last synced: 22 Dec 2024
https://github.com/Teebytes/TnT-Fuzzer
OpenAPI 2.0 (Swagger) fuzzer written in python. Basically TnT for your API.
fuzzer fuzzing json-api openapi pentesting python security swagger
Last synced: 17 Nov 2024
https://github.com/phayes/sidefuzz
Fuzzer to automatically find side-channel (timing) vulnerabilities
constant-time cryptography dudect fuzzing rust side-channel wasm
Last synced: 03 Nov 2024
https://github.com/ehmicky/test-each
🤖 Repeat tests. Repeat tests. Repeat tests.
cartesian code-quality data-driven data-driven-testing data-driven-tests es6 foreach functional-programming fuzz fuzz-testing fuzzing iterable javascript library nodejs snapshot-testing test test-automation testing typescript
Last synced: 24 Dec 2024
https://github.com/thepudds/fzgen
Auto-gen Go fuzzing wrappers from normal code. Finds buggy call sequences, including data races & deadlocks. Supports rich signature types.
Last synced: 21 Dec 2024
https://github.com/ispras/oss-sydr-fuzz
OSS-Sydr-Fuzz - OSS-Fuzz fork for hybrid fuzzing (fuzzer+DSE) open source software.
concolic concolic-execution dse dynamic-symbolic-execution fuzz-testing fuzzing hybrid-fuzzing libfuzzer oss-fuzz security stability sydr sydr-fuzz symbolic symbolic-execution vulnerabilities
Last synced: 24 Nov 2024
https://github.com/oxagast/ansvif
A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.
exploit fuzz-testing fuzzer fuzzing pentesting quality-control vulnerability
Last synced: 09 Dec 2024
https://github.com/rust-fuzz/targets
🎯 A collection of fuzzing targets written in Rust.
Last synced: 09 Nov 2024
https://github.com/agroce/tstl
Template Scripting Testing Language tool: automated test generation for Python
afl afl-fuzz delta-debugging fault-localization fuzzers fuzzing property-based property-based-testing python random-testing swarm-testing test-automation test-generation test-reduction testing testing-tools tstl
Last synced: 23 Dec 2024
https://github.com/siemens/fluffi
FLUFFI (Fully Localized Utility For Fuzzing Instantaneously) - A distributed evolutionary binary fuzzer for pentesters
Last synced: 21 Nov 2024
https://github.com/ymherklotz/verismith
Verilog Fuzzer to test the major simulators and sythesisers by generating random, valid Verilog.
Last synced: 25 Dec 2024
https://github.com/zac-hd/hypothesmith
Hypothesis strategies for generating Python programs, something like CSmith
Last synced: 24 Dec 2024
https://github.com/kostas-pa/LFITester
LFITester is a Python3 program that automates the detection and exploitation of Local File Inclusion (LFI) vulnerabilities on a server.
bugbounty crawler cybersecurity enumeration exploitation fuzzing hacking lfi lfi-detection lfi-exploitation lfi-vulnerability penetration-testing penetration-testing-tools pentest-tool pentesting python web-hacking webhacking
Last synced: 21 Nov 2024
https://github.com/zjuchenyuan/dockerized_fuzzing
Run fuzzing experiments in Docker
Last synced: 21 Nov 2024
https://github.com/riza/medusa
Fastest recursive HTTP fuzzer, like a Ferrari.
Last synced: 16 Nov 2024
https://github.com/Agnoctopus/Tartiflette
Snapshot fuzzing with KVM and LibAFL
fuzzing kvm libafl virtualization
Last synced: 21 Nov 2024
https://github.com/crytic/optik
Optik is a set of symbolic execution tools that assist smart-contract fuzzers
echidna evm fuzzing maat security-tools smart-contracts symbolic-execution
Last synced: 22 Dec 2024
https://github.com/thehlopster/hfuzz
Wordlist for web fuzzing, made from a variety of reliable sources including: result from my pentests, git.rip, ChatGPT, Lex, nuclei templates, web-scanners, seclist, bo0m, and more.
bugbounty fuzz fuzzing hacking pentesting security web-fuzzing wordlist
Last synced: 09 Nov 2024
https://github.com/trailofbits/ruzzy
A coverage-guided fuzzer for pure Ruby code and Ruby C extensions
fuzzer fuzzing libfuzzer ruby ruby-extension ruby-gem
Last synced: 25 Dec 2024
https://github.com/bazel-contrib/rules_fuzzing
Bazel Starlark extensions for defining fuzz tests in Bazel projects
Last synced: 12 Nov 2024
https://github.com/softsec-kaist/ntfuzz
NTFUZZ: Enabling Type-Aware Kernel Fuzzing on Windows with Static Binary Analysis (IEEE S&P '21)
b2r2 binary-analysis fsharp fuzzer fuzzing kernel-fuzzer windows-kernel
Last synced: 14 Nov 2024
https://github.com/ariary/cfuzz
Command line fuzzer and bruteforcer 🌪 wfuzz for command
bruteforce bruteforcing cli fuzzing hacking pentest security
Last synced: 11 Nov 2024
https://github.com/JavierOlmedo/UltimateCMSWordlists
📚 An ultimate collection wordlists of the best-known CMS
cms cms-framework dictionary drupal fuzz fuzzing hacking joomla security web-security web-security-research wordlist wordpress
Last synced: 21 Nov 2024
https://github.com/javierolmedo/ultimatecmswordlists
📚 An ultimate collection wordlists of the best-known CMS
cms cms-framework dictionary drupal fuzz fuzzing hacking joomla security web-security web-security-research wordlist wordpress
Last synced: 16 Dec 2024
https://github.com/xgouchet/elmyr
A utility to make Kotlin/Java tests random yet reproducible
fuzzing hacktoberfest hacktoberfest2020 hacktoberfest2021 hacktoberfest2022 hacktoberfest2023 hacktoberfest2024 java kotlin test
Last synced: 25 Dec 2024
https://github.com/vanhauser-thc/afl-patches
Patches to afl to fix bugs or add enhancements
afl afl-fuzz afl-fuzzer fuzzer fuzzing
Last synced: 26 Sep 2024
https://github.com/0xkayala/paramspider
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
Last synced: 11 Nov 2024
https://github.com/dyjakan/interpreter-bugs
Fuzzing results for various interpreters.
bugs fuzzing hhvm interpreter php python ruby security security-research vulnerabilities
Last synced: 13 Dec 2024
https://github.com/TCA-ISCAS/Cooper
A tool for effective testing the binding layer of scripting languages
Last synced: 07 Nov 2024
https://github.com/comby-tools/comby-reducer
A simple program reducer for any language.
fuzzing reducer rewriting transformation
Last synced: 18 Nov 2024
https://github.com/jonathansalwan/ttexplore
TTexplore is a library that performs path exploration on binary code using symbolic execution
Last synced: 29 Oct 2024
https://github.com/ise-uiuc/freefuzz
Free Lunch for Testing: Fuzzing Deep-Learning Libraries from Open Source (ICSE'22)
fuzzing mining pytorch tensorflow
Last synced: 19 Nov 2024
https://github.com/amossys/fragscapy
Fragscapy is a command-line tool to fuzz network protocols by automating the modification of outgoing network packets. It can run multiple successive tests to determine which options can be used to evade firewalls and IDS.
evasion firewall fuzzing ids network
Last synced: 17 Nov 2024
https://github.com/atrosinenko/kbdysch
A collection of user-space Linux kernel specific guided fuzzers based on LKL
afl filesystem fuzzing linux-kernel lkl
Last synced: 18 Nov 2024
https://github.com/AMOSSYS/Fragscapy
Fragscapy is a command-line tool to fuzz network protocols by automating the modification of outgoing network packets. It can run multiple successive tests to determine which options can be used to evade firewalls and IDS.
evasion firewall fuzzing ids network
Last synced: 10 Nov 2024
https://github.com/fkie-cad/luckycat
A distributed fuzzing management framework
firmware-analysis fuzzing fuzzing-framework
Last synced: 13 Nov 2024
https://github.com/hexhive/igor
cluster crash deduplication fuzzing grouping security similarity trace
Last synced: 12 Nov 2024
https://github.com/aflplusplus/fuzzer-challenges
Challenging testcases for fuzzers
Last synced: 11 Nov 2024
https://github.com/sec-tools/litefuzz
A multi-platform fuzzer for poking at userland binaries, network clients and servers
exploit fuzzing fuzzing-framework security vulnerability
Last synced: 09 Nov 2024
https://github.com/vanhauser-thc/afl-pin
run AFL with pintool
afl afl-fuzz afl-fuzzer binary-instrument fuzzer fuzzing pin pintool thc
Last synced: 28 Oct 2024
https://github.com/langston-barrett/tree-crasher
Easy-to-use grammar-based black-box fuzzer. Has found dozens of bugs in important targets like Clang, Deno, and rustc.
black-box-testing fuzzer fuzzing grammar-based grammar-based-fuzzing
Last synced: 25 Dec 2024
https://github.com/intel/ccc-linux-guest-hardening
Linux Security Hardening for Confidential Compute
fuzzing security security-tools
Last synced: 09 Nov 2024
https://github.com/yuawn/mediatek-fuzzing-workshop
MediaTek Fuzzing Workshop in HITCON 2021
automation education fuzzing security testing workshop
Last synced: 15 Dec 2024
https://github.com/rindphi/isla
The ISLa (Input Specification Language) language & solver.
constraints fuzzing grammars python smt strings
Last synced: 26 Dec 2024
https://github.com/kmarkela/duffman
Fuzzer and Lightweight CLI Client for Postman Collections
api-pentest api-testing fuzz-testing fuzzer fuzzing postman postman-collection
Last synced: 26 Dec 2024
https://github.com/softsec-kaist/ankou
Ankou: Guiding Grey-box Fuzzing towards Combinatorial Difference (ICSE '20)
Last synced: 14 Nov 2024
https://github.com/adrianherrera/afl-mutation-graph
Recover mutation graph from an AFL seed
Last synced: 08 Nov 2024
https://github.com/yangr0/rbust
[ Blazing Fast Web Fuzzer in Rust ]
automated-testing cli directory-bruteforce fuzzer fuzzing hack hacking hacking-tool multi-thread pentest pentest-scripts pentest-tool pentesting pentesting-tools rust rust-lang rustlang security-tools thread
Last synced: 12 Oct 2024
https://github.com/olipratt/swagger-conformance
Python based tool for testing whether your API conforms to its Swagger schema
fuzzing open-api property-based-testing swagger swagger-schema
Last synced: 07 Nov 2024
https://github.com/yangr0/RBust
[ Blazing Fast Web Fuzzer in Rust ]
automated-testing cli directory-bruteforce fuzzer fuzzing hack hacking hacking-tool multi-thread pentest pentest-scripts pentest-tool pentesting pentesting-tools rust rust-lang rustlang security-tools thread
Last synced: 02 Nov 2024
https://github.com/Josue87/roboxtractor
Extract endpoints marked as disallow in robots files to generate wordlists.
bug-bounty bugbounty enumeration fuzzing hacking wordlist
Last synced: 21 Nov 2024
https://github.com/hexhive/evocatio
bug-capability exploit fuzzing patch-testing program-analysis sanitizer security severity
Last synced: 12 Nov 2024
https://github.com/ispras/futag
FUTAG (FUzzing Target Automated Generator) - автоматический генератор фаззинг-оберток для библиотек
addresssanitizer automated-testing code-generator crash fuzzing llvm static-analysis
Last synced: 24 Nov 2024
https://github.com/thekingofduck/copy2java
一键生成Java代码的burp插件/Generate Java script for fuzzing in Burp。
burp-plugin fuzzing java-script-generater
Last synced: 16 Nov 2024
https://github.com/christhecoolhut/easy-pickings
Automatic function exporting and linking for fuzzing cross-architecture binaries.
Last synced: 16 Oct 2024
https://github.com/unibuc-cs/river
Fuzz testing framework for binary programs using AI
Last synced: 18 Nov 2024
https://github.com/cytopia/fuzza
Customizable TCP fuzzing tool to test for remote buffer overflows.
buffer-overflow buffer-overflow-attack cytopia-sec fuzzer fuzzers fuzzing
Last synced: 13 Dec 2024
https://github.com/snorez/srcinv
source code audit tool
audit fuzzing kernel linux open-source qa
Last synced: 21 Nov 2024
https://github.com/MozillaSecurity/orion
CI/CD pipeline for building and publishing multiple 🐳 containers as microservices within a mono repository.
automation ci-cd container docker fuzzing libfuzzer microservices monorepo
Last synced: 07 Nov 2024
https://github.com/supercilex/ftzz
File Tree Fuzzer creates a pseudo-random directory hierarchy filled with some number of files.
cli directory-tree files fuzzing rust
Last synced: 22 Dec 2024
https://github.com/ant4g0nist/crashmon
crashmon - A LLDB Based replacement for CrashWrangler
crashwrangler fuzzing lldb macos triage
Last synced: 21 Nov 2024
https://github.com/qlyoung/lagopus
Distributed fuzzing platform
cluster fuzzing kubernetes security
Last synced: 28 Oct 2024
https://github.com/fornwall/advent-of-code
🎄Advent of Code with Rust 🦀
advent-of-code fuzzing pyo3 rust webassembly
Last synced: 20 Dec 2024
https://github.com/airbus-seclab/aflplusplus-blogpost
Blogpost about optimizing binary-only fuzzing with AFL++
afl aflplusplus binary-only fuzzing qemu
Last synced: 16 Nov 2024
