Fuzzing/Fuzz testing
Fuzzing or fuzz testing is an automated software black box testing technique that evaluates the program’s reaction to providing invalid, unexpected, or random data as inputs to a computer program.
- GitHub: https://github.com/topics/fuzzing
- Wikipedia: https://en.wikipedia.org/wiki/Fuzzing
- Created by: Barton Miller
- Released: September 1988
- Related Topics: stress-testing, fault-injection, monkey-testing, random-testing, security-testing, test-automation, mutation-testing, cicd, black-box-testing,
- Aliases: fuzz-testing, api-fuzzing,
- Last updated: 2026-07-05 00:08:26 UTC
- JSON Representation
https://github.com/vanhauser-thc/fuzzing-targets
Some fuzzing targets for testing
Last synced: 04 Jan 2026
https://github.com/tree-sitter/afl-tree-sitter
AFL test harness for tree-sitter runtime and parsers
Last synced: 19 Oct 2025
https://github.com/asatarin/testing-sql-databases
Curated list of materials on testing SQL database engines
correctness database fuzzing testing
Last synced: 02 Sep 2025
https://github.com/fkie-cad/61850-fuzzing
This repository provides fuzzing scripts to analyze an IEC 61850 implementation
Last synced: 02 Sep 2025
https://github.com/literallyethical/r3conwhal3
r3conwhale aims to develop a multifunctional recon chain for web applications, intelligently interpreting collected data, and optimizing performance and resource consumption through a concurrency-based approach.
automation-framework bug-bounty-tools bugbounty dns fuzzing osint pentest pentest-tool recon reconnaissance scanner security security-tools subdomain-enumeration subdomain-scanner
Last synced: 15 Dec 2025
https://github.com/jrconlin/cookie_munger
A stupid idea to abuse the hell out of cookies, because who doesn't like fuzzy cookies?
Last synced: 14 Apr 2025
https://github.com/stevenjohnstone/afl-lua
Fork of Lua adding AFL (https://github.com/google/afl) instrumentation to allow Lua scripts (not the VM itself) to be fuzzed.
afl-fuzz aflpluspplus fuzzing lua
Last synced: 01 Feb 2026
https://github.com/ispras/fuzzeddataprovidercs
FuzzedDataProvider for C#, inspired by Google's FuzzedDataProvider.
csharp fuzzing structure structureaware wrapper
Last synced: 10 Apr 2025
https://github.com/serhatcck/hidden_fuzzer
Hidden Fuzzer is a URL fuzzing tool designed to uncover hidden paths and resources on web applications. It features multithreading, customizable HTTP headers, and request parameters for optimized performance.
bugbounty bugbounty-tool fuzzing pentest-tool security-tools url-fuzzer webpentest
Last synced: 14 Jan 2026
https://github.com/Enigma-Dark/runes
A CLI tool that converts Echidna fuzzer reproducer .txt files into executable Foundry test files.
developer-tools echidna ethereum foundry fuzzing
Last synced: 13 Jul 2025
https://github.com/ninedraft/huffy
Tiny package for smart testcase caching
fuzzing go golang test-automation-project test-generation testing unit-test
Last synced: 10 Mar 2026
https://github.com/ross-spencer/big-list-of-naughty-files
A file-generator tool wrapping the Big List of Naughty Strings
Last synced: 27 May 2026
https://github.com/RobinCPel/graphql-postman
Converts a GraphQL schema to a Postman Collection v2.1.
api-fuzzing docker fuzz fuzz-testing fuzzing gitlab gitlab-api-fuzzing gitlab-ci go golang gql graphql graphql-introspection postman
Last synced: 03 Apr 2025
https://github.com/kchousos/overhaul
Unleash the fuzz on your C codebase.
c-projects fuzzing harness llm neurosymbolic-ai python security security-automation
Last synced: 30 Jun 2025
https://github.com/pthariensflame/salmagundi
A tool to rewrite data type definitions to rearrange in-memory layout.
fuzzing rust-language testing-tools
Last synced: 10 Apr 2025
https://github.com/0xricksanchez/hantu
An educational toy fuzzer with big dreams
fuzzer fuzzing generator grammar hypervisor mutation performance prng rust testcase-generator
Last synced: 25 Sep 2025
https://github.com/offensive-tooling/fuzzmap
Web Application Offensive Fuzzing Module
fuzzing fuzzmap offensive offensive-tooling pentest pentesting scanner vulnerability-scanners webfuzzer webscanner
Last synced: 14 Jan 2026
https://github.com/langston-barrett/czz
Whole-program, Scheme-scriptable, multi-language, coverage-guided fuzzer
Last synced: 07 May 2025
https://github.com/form3tech-oss/go-ci-fuzz
A tool for running Native Go Fuzz tests in CI pipelines
Last synced: 09 Oct 2025
https://github.com/vinsoc-cyber/vulnhunterx
A Python framework for combining static analysis with LLM-based bug verification
codeql fuzzing llm semgrep static-analysis vulnerability vulnerability-verification
Last synced: 12 Jun 2026
https://github.com/jaydhulia/go-url-fuzz
URL Fuzzer in Go - Find hidden directories!
Last synced: 22 Jun 2025
https://github.com/mattjegan/wtfuzz
A pip-installable tool used for checking the existence of different types of web resources
cli fuzzing python security security-scanner security-tools
Last synced: 30 Dec 2025
https://github.com/quasilyte/phpsmith
phpsmith creates random PHP and KPHP programs to test their compilers and runtimes
code-generator codesmith fuzzer fuzzing kphp php testing
Last synced: 19 Mar 2025
https://github.com/weixian-zhang/fuzzie
A VSCode GUI-based fuzzer for Rest API and GraphQL
fuzzing python3 rest-api security vscode-extension
Last synced: 30 Dec 2025
https://github.com/rarecoil/mqtt-packet-fuzzy
Radamsa-backed, hooked mqtt-packet for blind MQTT protocol fuzzing on Mac, Linux and Windows.
fuzzing mqtt mqtt-packet mqttjs radamsa security
Last synced: 01 Jul 2025
https://github.com/cwshugg/gurthang
[Masters Thesis] A connection-multiplexing web server fuzzing harness for AFL++.
afl aflplusplus fuzzing networking security systems-programming
Last synced: 19 Apr 2025
https://github.com/rodnt/bffuf
Burp bridge to FFUF
bugbounty bugs burp ffuf fuzzing pentest portswigger
Last synced: 30 Jan 2026
https://github.com/garbles/fuzz-utils
🎲 Utilities for fuzzing
fuzzing javascript random random-generation typescript
Last synced: 12 May 2025
https://github.com/zubux/pyfuzzer
Quick 'n' dirty file format fuzzer utilizing zzuf mutation techniques
Last synced: 12 Sep 2025
https://github.com/bountyhacking/Payloads_Tool_box
At this repo you can find any tools, tricks or templates for general penetration testing assesment
bounty bounty-hunting-tools bug bugbounty burpsuite curl fuzzing payload payloads pentesting sqli sqlmap tty xss
Last synced: 10 Mar 2025
https://github.com/jmcph4/mph
Python API for interfacing with arbitrary executables
binary-analysis executable fuzzing host managed python subprocess
Last synced: 27 Oct 2025
https://github.com/generalmimon/ks-bits-fuzzer
Kaitai Struct bits int fuzzer
bit-manipulation fuzzer fuzzing kaitai-struct parsing test-automation testing testing-tools
Last synced: 26 Oct 2025
https://github.com/codeintelligencetesting/gofuzz
Bug detectors for Golang
bug-detection fuzzing golang security
Last synced: 11 Apr 2025
https://github.com/jmcph4/fuzzbang
Python 3 package providing basic fuzzing support
fuzz fuzz-testing fuzzer fuzzing python security vulnerability-detection
Last synced: 07 Apr 2025
https://github.com/n0kovo/danish_phone_wordlist_generator
Generate wordlists of Danish phone numbers by area and/or usage (Mobile, landline etc.) Useful for password cracking or fuzzing Danish targets.
fuzzing infosec osint pentesting redteam-tools wordlist wordlist-generator
Last synced: 14 Apr 2025
https://github.com/trailofbits/deepstate-test-suite
Automated continuous testing integration using DeepState
fuzzing symbolic-execution unit-testing
Last synced: 15 Apr 2025
https://github.com/aw-junaid/fuzzing-for-security-testing
Learn fuzzing techniques for vulnerability discovery: AFL, libFuzzer, and custom fuzzers. Includes examples, tools, and tips for effective software testing.
fuzz-testing fuzzing security security-fuzzing
Last synced: 06 Jan 2026
https://github.com/dergoegge/semsan
Semantics Sanitizer: Fuzz Driven Characterization Testing
Last synced: 11 Sep 2025
https://github.com/0xdea/from-day-zero-to-zero-day
My code and notes for "From Day Zero to Zero Day", a book on vulnerability research by Eugene Lim.
code-review fuzzing reverse-engineering vulnerability-research
Last synced: 30 Sep 2025
https://github.com/emrekybs/nse-webdirscanner
This Nmap script performs a comprehensive directory scan on a specified web server, checking for the presence of common directories and their HTTP status codes.
dirbuster fuzzing nmap nmap-scan-script nmap-scripts nse webdirscan webscanner
Last synced: 11 Oct 2025
https://github.com/0xricksanchez/upfuzz
The Ultimate File Upload Bypass Generator
bugbounty file-inclusion file-upload fuzzing penetration-testing xxe xxe-payloads
Last synced: 10 Oct 2025
https://github.com/picobaz/pyformblaster
PyFormBlaster: A sleek Python web form fuzzer for ethical security audits. Blast forms with random and malicious inputs to uncover XSS, SQL Injection, and more. Features auto-field detection, CSV logging, and modular config. Test responsibly!
cybersecurity ethical-hacking form-fuzzer fuzzing penetration-testing python security web-security
Last synced: 09 Oct 2025
https://github.com/shad0w-ops/subfuzzer
A simple python fuzzer tool created for the soul purpose of bruteforcing subdomains
bruteforce enumeration fuzzing subdomain-enumeration
Last synced: 12 Apr 2025
https://github.com/lakshayd02/exploit_development_framework_c
A C-based exploit development framework and fuzzing tool designed to test application robustness and security by generating random payloads and targeting vulnerabilities. Automate vulnerability discovery and improve application resilience! 🛡️
c exploit-development exploitation-framework fuzzing fuzzing-tool
Last synced: 10 Apr 2025
https://github.com/ant4g0nist/chinfuzz
Tezos smart contract fuzzer
chinstrap fuzzing ligo smartpy tezos tezos-client
Last synced: 11 Jul 2025
https://github.com/sgabe/poc
Collection of various crash samples from miscellaneous sources.
Last synced: 24 Feb 2026
https://github.com/wcygan/lib-wc
A simple rust library
algorithms benchmarking cargo-fuzz concurrency concurrent-data-structure criterion data-structures fuzzing property-based-testing rust rust-crate rust-lang rust-library tokio tokio-rs
Last synced: 04 May 2025
https://github.com/kchousos/bsc-thesis
My BSc Thesis on fuzzing automation through LLMs.
bsc-thesis fuzzing neurosymbolic-ai quarto-book university-of-athens
Last synced: 19 Feb 2026
https://github.com/jmcph4/lm5
Simple and extensible fuzzer
binary-analysis binary-exploitation bugbounty fuzz-testing fuzzer fuzzing penetration-testing pentest-tool pentesting python3 security security-tools vulnerabilities vulnerability-detection vulnerability-identification vulnerability-scanners
Last synced: 07 Apr 2025
https://github.com/dergoegge/btcser
Descriptor language for Bitcoin's serialization format
bitcoin fuzzing structure-aware-fuzzing
Last synced: 30 Oct 2025
https://github.com/blaind/bevy_fuzz
Experimental high-performance fuzz-testing for bevy systems, emulating user UI interaction
Last synced: 26 Oct 2025
https://github.com/sumit03guha/smart-contracts-development-boilerplate
A boilerplate repository for smart contracts development, based on hardhat and includes foundry fuzzing.
ethereum ethersjs foundry fuzzing hardhat hardhat-boilerplate solidity truffle typescript yarn
Last synced: 12 Apr 2025
https://github.com/hsluoyz/spikefuzzui
A network protocol fuzzing test software with UI on Windows
fuzz-testing fuzzing security visual-studio windows
Last synced: 08 Sep 2025
https://github.com/skalt/monkey-see-monkey-vue
Monkey-testing utility for vue.js applications 🍌
code-quality fuzz-testing fuzzing monkey-test test-generation testing-tools vue vuejs2
Last synced: 05 Feb 2026
https://github.com/ropwareJB/jwtfuzz
Library for fuzzing & attacking JSON Web Tokens (JWTs). Bindings for other languages included.
bug-bounty bug-bounty-tools bugbounty fuzz fuzzing hacking hacking-tool jwt jwt-token pentesting pentesting-tools security
Last synced: 10 Mar 2025
https://github.com/ligurio/lua-c-api-corpus
Lua C API seed corpus and dictionaries
Last synced: 09 Apr 2025
https://github.com/orbitinghail/precept
A testing utility for fuzzing and fault injection to discover erroneous and interesting states.
fault-injection fuzzing testing
Last synced: 27 Jun 2025
https://github.com/ivan-sincek/browser-extension-automation
Run a browser extension in a sandboxed web browser and without any fear of corrupting or loosing your real data.
automation browser-extension brute-force bug-bounty chrome chrome-extension chromium end-to-end-testing ethical-hacking fuzzing offensive-security penetration-testing playwright python quality-assurance security web
Last synced: 09 Apr 2025
https://github.com/mheidari98/web-fuzzer
simple Web Fuzzer for detect XSSi, SQLi, Blind SQLi, OSi and Blind OSi
fuzzing penetration-testing python sql-injection vulnerability-scanner xss
Last synced: 31 Jul 2025
https://github.com/indspl0it/blue-tap
Blue-Tap is a comprehensive Bluetooth and BLE penetration testing toolkit designed specifically for security assessments of automotive In-Vehicle Infotainment (IVI) systems. It provides a complete attack lifecycle — from passive device discovery through active exploitation, data extraction, and automated report generation.
ble bluetooth fuzzing ivi pentesting security vulnerability-research
Last synced: 17 Apr 2026
https://github.com/jeffh/check.statem
Facilities for generating test programs using state machines.
clojure fuzzing property-based-testing quickcheck state-machine test-check testing
Last synced: 07 Oct 2025
https://github.com/rarecoil/sinkdweller
A TypeScript-based frontend to the radamsa fuzzer. No dependencies on most platforms.
cygwin fuzzing node-fuzzer nodejs radamsa typescript windows
Last synced: 01 Jul 2025
https://github.com/vulnpire/banshee-ai
AI-powered high‑speed Google & Brave dorking tool for reconnaissance and OSINT.
ai bug-bounty dorking fuzzing hacking osint reconnaissance red-teaming
Last synced: 05 Apr 2026
https://github.com/henryhchchc/lsp-fuzz
A grey-box hybrid fuzzer that generates test cases for language servers
fuzzing language-server-protocol libafl lsp
Last synced: 13 Oct 2025
https://github.com/0x1nf3cted/reqfuzz
ReqFuzz: everything is fuzzable if you have the right tool ;)
fuzzing headers http pentesting proxy sandbox web
Last synced: 18 Jul 2025
https://github.com/pigeonhands/fuzz-rs
HTTP Directory Fuzzer/Buster written in Rust similar to dirbuster.
buster fuzzing pentesting rust-lang tool web
Last synced: 09 Apr 2025
https://github.com/littledivy/dfuzz
libFuzzer based JS/TS fuzzer.
deno fuzzing libfuzzer typescript
Last synced: 28 Oct 2025
https://github.com/n0kovo/random-agent
Simply output a random user-agent. Use it with tools that don't have a --random-agent flag. Like `random-agent` or $(random-agent)
appsec bug-bounty bug-bounty-tools bugbounty bugbounty-tool bugbountytools fuzzer fuzzing infosec infosectools pentesting pentesting-tools redteam-tools web-app-security webfuzzer
Last synced: 04 Feb 2026
https://github.com/one2blame/the-dark-arts
Repository to contain my notes from my self-study of binary exploitation and reverse engineering.
binary-diffing binary-exploitation ctf fuzzing reverse-engineering symbolic-execution
Last synced: 07 Jan 2026
https://github.com/hectorta1989/802.11-wireless-fuzzer
a 802.11 wireless fuzzer
80211 fuzzer fuzzing wireless wireless-security
Last synced: 20 Jun 2026
https://github.com/ligurio/afl-lua
Integration of AFL (American Fuzzy Lop) with Lua programming language. Superseded by https://github.com/ligurio/luzer.
afl-fuzz aflplusplus fuzzing lua luajit
Last synced: 27 Mar 2025
https://github.com/bad-antics/Fuzz.jl
Security fuzzing toolkit for Julia — mutation, generation, and coverage-guided fuzzing
fuzzing julia mutation-fuzzing security testing
Last synced: 06 Apr 2026
https://github.com/dobin/ffweb
A webgui to view crash information of fuzzing runs (FFW)
Last synced: 08 Oct 2025
https://github.com/wh1t3h47/afl_pidgin
Fuzz pidgin dbus by using AFL++ and clang's ASAN
afl aflplusplus buffer-overflow c cybersecurity dbus fuzzer fuzzing hacking linux liveoverflow memory-disclosure off-by-one pidgin security zerodium
Last synced: 16 May 2026
https://github.com/0xricksanchez/afl_runner
AFLPlusPlus command generator to make the best use of multiple cores
afl aflplusplus fuzzer fuzzing multiprocessing multithreading tmux
Last synced: 13 Apr 2025
https://github.com/weltling/virtio-villain
Battle test virtio device models
c cloud-hypervisor fault-injection fuzzing hypervisor kvm negative-testing qemu security testing virtio vmm
Last synced: 16 Jun 2026
https://github.com/marcellomaugeri/hardening-7-fuzzing
Material of the Hardening 7 talk: "Fuzzing: l'arte di scoprire vulnerabilità in maniera automatizzata"
coverage-guided-fuzzing cve-2021-3156 fuzzing fuzzing-cve-2021-3156 poc-cve-2021-3156 talk
Last synced: 06 Apr 2025
https://github.com/frewsxcv/ruby-coverage-guided-fuzzer
PoC fuzzer written in Ruby for Ruby powered by Ruby’s built-in coverage library.
coverage-guided-fuzzing fuzz-testing fuzzing ruby
Last synced: 06 Apr 2025
https://github.com/mozillasecurity/mozilla-build-configs
Build configurations of Firefox for Fuzzing and Sanitizer builds.
build-configuration configs development firefox fuzzing
Last synced: 29 Dec 2025
https://github.com/cryptix720/prokfuzz
Tiny Fuzzer extension for Burp suite
burp experiment fuzz fuzzing python security test
Last synced: 19 May 2026
https://github.com/charmve/b1ueb0y-ble-fuzzing
An awesome toolkit for testing the BLE device, chip and Protocol stack
ble bluetooth bluetooth-le bluetooth-low-energy charmve cyber-security fuzz fuzzer fuzzing iot security-tools security-vulnerability wireless-network
Last synced: 07 Mar 2026
https://github.com/kchousos/llm-harness
Automatic LLM-generated fuzzing harnesses for your C/C++ project.
c-projects cpp-projects fuzzing harness llm neurosymbolic-ai
Last synced: 15 May 2025
https://github.com/Proviesec/nlp-website-string-miner-for-fuzzing
Find all keywords for your subdomain or folder search
bug-bounty bugbounty cybersecurity fuzzing security security-tools
Last synced: 10 Mar 2025
https://github.com/toktok/toktok-fuzzer
TokTok fuzzing corpus and coverage results.
Last synced: 14 Apr 2025
https://github.com/exfil0/collectjuices
CollectJuices is a powerful tool designed to automate the process of fetching, analyzing, and recursively processing JavaScript files to discover URLs and secrets. Leveraging the capabilities of the JSluice tool and advanced Python libraries, CollectJuices is an essential tool for cybersecurity professionals.
attack attack-surface cybersecurity fuzzing information-gathering intelligence python secrets url
Last synced: 23 Jun 2026
https://github.com/ivannardi/pl7m
Pcap L7 Mutator
deep-packet-inspection fuzzing mutator structure-aware-fuzzing
Last synced: 14 Apr 2025