Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

Fuzzing/Fuzz testing

Fuzzing or fuzz testing is an automated software black box testing technique that evaluates the programโ€™s reaction to providing invalid, unexpected, or random data as inputs to a computer program.

https://github.com/MozillaSecurity/dharma

Generation-based, context-free grammar fuzzer. Refer to https://github.com/posidron/dharma for a maintained version.

context-free fuzzer fuzzing generation grammar python random

Last synced: 02 Aug 2024

https://github.com/intel/kernel-fuzzer-for-xen-project

Kernel Fuzzer for Xen Project (KF/x) - Hypervisor-based fuzzing using Xen VM forking, VMI & AFL

afl fuzzing hypervisor linux-kernel xen

Last synced: 28 Sep 2024

https://github.com/mrash/afl-cov

Produce code coverage results with gcov from afl-fuzz test cases

afl-fuzz code-coverage fuzzing gcov

Last synced: 03 Nov 2024

https://google.github.io/clusterfuzzlite/

ClusterFuzzLite - Simple continuous fuzzing that runs in CI.

ci continuous-integration fuzz-testing fuzzing security vulnerabilities

Last synced: 03 Aug 2024

https://github.com/google/clusterfuzzlite

ClusterFuzzLite - Simple continuous fuzzing that runs in CI.

ci continuous-integration fuzz-testing fuzzing security vulnerabilities

Last synced: 01 Aug 2024

https://github.com/loiclec/fuzzcheck-rs

Modular, structure-aware, and feedback-driven fuzzing engine for Rust functions

coverage-guided-fuzzing fuzzer fuzzing grammar-fuzzer property-based-testing rust testing

Last synced: 03 Nov 2024

https://github.com/cisco-sas/kitty

Fuzzing framework written in python

fuzzing security

Last synced: 03 Nov 2024

https://github.com/rc0r/afl-utils

Utilities for automated crash sample processing/analysis, easy afl-fuzz job management and corpus optimization

afl automation crash-reporting fuzzer fuzzing job-management python-3 security triage

Last synced: 28 Sep 2024

https://github.com/rust-fuzz/trophy-case

๐Ÿ† Collection of bugs uncovered by fuzzing Rust code

fuzz-testing fuzzing rust trophies

Last synced: 01 Aug 2024

https://github.com/xsscx/Commodity-Injection-Signatures

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

burp burpsuite exploit fuzzing header html http injection injection-signatures input javascript malicious poc random rce xss

Last synced: 04 Aug 2024

https://github.com/ucsb-seclab/difuze

Fuzzer for Linux Kernel Drivers

android fuzzing kernel vulnerability-detection

Last synced: 03 Nov 2024

https://github.com/jwilk/python-afl

American Fuzzy Lop fork server and instrumentation for pure-Python code

fuzzing security

Last synced: 03 Nov 2024

https://github.com/LyleMi/papers

Academic papers and articles that I read related to web hacking, fuzzing, etc. / ้˜…่ฏป่ฟ‡็š„Webๅฎ‰ๅ…จๆ–นๅ‘ใ€ๆจก็ณŠๆต‹่ฏ•ๆ–นๅ‘็š„ไธ€ไบ›่ฎบๆ–‡ไธŽ้˜…่ฏป็ฌ”่ฎฐ

awesome fuzzing papers read-papers reading-notes security

Last synced: 04 Aug 2024

https://github.com/andreafioraldi/qasan

QASan is a custom QEMU 3.1.1 that detects memory errors in the guest using AddressSanitizer.

fuzzing sanitization

Last synced: 15 Oct 2024

https://github.com/strongcourage/uafuzz

UAFuzz: Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities

fuzzing

Last synced: 04 Aug 2024

https://github.com/owasp-dep-scan/blint

BLint is a Binary Linter to check the security properties, and capabilities in your executables. Since v2, blint is also an SBOM generator for binaries.

binary cyclonedx depscan fuzzing malware sbom supply-chain-analytics supply-chain-security

Last synced: 03 Aug 2024

https://github.com/d4rckh/vaf

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

bruteforce bug-bounty bugbounty burpsuite fuzzer fuzzing hacking hacking-tools nim penetration-testing pentest-tool recon security-tools vaf web xss

Last synced: 03 Nov 2024

https://github.com/hugsy/cfb

Canadian Furious Beaver is a ProcMon-style tool designed only for capturing IRPs sent to any Windows driver.

fuzzing hooking irp irp-monitor kernel vulnerability-research windows windows-driver

Last synced: 26 Oct 2024

https://github.com/rootup/bfuzz

Fuzzing Browsers

browsers domato fuzzing fuzzing-framework

Last synced: 03 Nov 2024

https://github.com/RootUp/BFuzz

Fuzzing Browsers

browsers domato fuzzing fuzzing-framework

Last synced: 01 Nov 2024

https://github.com/hugsy/CFB

Canadian Furious Beaver is a ProcMon-style tool designed only for capturing IRPs sent to any Windows driver.

fuzzing hooking irp irp-monitor kernel vulnerability-research windows windows-driver

Last synced: 04 Aug 2024

https://github.com/RapidDNS/Afuzz

Afuzz is an automated web path fuzzing tool for the Bug Bounty projects.

bugbounty fuzzing pentest pentest-tool pentesting security-tools

Last synced: 04 Aug 2024

https://github.com/zer0yu/berserker

A list of useful payloads for Web Application Security and Pentest/CTF

ctf fuzzing intruder pentest scanner sqli web-application xss xxe

Last synced: 03 Aug 2024

https://github.com/zer0yu/Berserker

A list of useful payloads for Web Application Security and Pentest/CTF

ctf fuzzing intruder pentest scanner sqli web-application xss xxe

Last synced: 25 Oct 2024

https://github.com/MindPatch/lorsrf

Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load :artificial_satellite: :crab:

blindssrf bruteforce bugbounty fuzzing hacking penetration-testing pentesting rust ssrf websecurity

Last synced: 03 Nov 2024

https://github.com/ajinabraham/droid-application-fuzz-framework

Android application fuzzing framework with fuzzers and crash monitor.

android browser corruption crash exploitation fuzzing memory pdf vulnerability

Last synced: 31 Oct 2024

https://github.com/ajinabraham/Droid-Application-Fuzz-Framework

Android application fuzzing framework with fuzzers and crash monitor.

android browser corruption crash exploitation fuzzing memory pdf vulnerability

Last synced: 02 Aug 2024

https://github.com/project-oak/rust-verification-tools

RVT is a collection of tools/libraries to support both static and dynamic verification of Rust programs.

fuzzing klee proptest rust seahorn verification

Last synced: 02 Aug 2024

https://project-oak.github.io/rust-verification-tools/

RVT is a collection of tools/libraries to support both static and dynamic verification of Rust programs.

fuzzing klee proptest rust seahorn verification

Last synced: 03 Aug 2024

https://github.com/CodeIntelligenceTesting/jazzer.js

Coverage-guided, in-process fuzzing for Node.js

fuzzer fuzzing javascript nodejs security testing typescript

Last synced: 03 Aug 2024

https://github.com/charmve/ble-security-attack-defence

โœจ Purpose only! The dangers of Bluetooth Low Energy๏ผˆBLE๏ผ‰implementations: Unveiling zero day vulnerabilities and security flaws in modern Bluetooth LE stacks.

ble ble-security bluefuzz bluetooth-fuzz bluetooth-le bluetooth-low-energy bluetooth-stack bluetoothle fuzzing hacking reverse reverse-proxy stack vulnerability wireless

Last synced: 26 Oct 2024

https://github.com/Charmve/BLE-Security-Attack-Defence

โœจ Purpose only! The dangers of Bluetooth Low Energy๏ผˆBLE๏ผ‰implementations: Unveiling zero day vulnerabilities and security flaws in modern Bluetooth LE stacks.

ble ble-security bluefuzz bluetooth-fuzz bluetooth-le bluetooth-low-energy bluetooth-stack bluetoothle fuzzing hacking reverse reverse-proxy stack vulnerability wireless

Last synced: 04 Aug 2024

https://github.com/HexHive/magma

A ground-truth fuzzing benchmark suite based on real programs with real bugs.

benchmark fuzzing

Last synced: 03 Aug 2024

https://github.com/microsoft/rest-api-fuzz-testing

REST API Fuzz Testing (RAFT): Source code for self-hosted service developed for Azure, including the API, orchestration engine, and default set of security tools (including MSR's RESTler), that enables developers to embed security tooling into their CI/CD workflows

api devops fuzz fuzzing fuzzing-framework rest rest-api

Last synced: 04 Aug 2024

https://github.com/anmolksachan/TheTimeMachine

Weaponizing WaybackUrls for Recon, BugBounties , OSINT, Sensitive Endpoints and what not

automate bugbounty fuzzer fuzzing jira lfi openredirect osint parameter scanner xss

Last synced: 10 Sep 2024

https://github.com/d0c-s4vage/gramfuzz

gramfuzz is a grammar-based fuzzer that lets one define complex grammars to generate text and binary data formats.

complex-grammars fuzzer fuzzing grammar parsing

Last synced: 30 Oct 2024

https://github.com/xyntax/filesensor

Dynamic file detection tool based on crawler ๅŸบไบŽ็ˆฌ่™ซ็š„ๅŠจๆ€ๆ•ๆ„Ÿๆ–‡ไปถๆŽขๆต‹ๅทฅๅ…ท

crawler fuzzing pentesting scrapy

Last synced: 31 Oct 2024

https://github.com/intel/tsffs

A snapshotting, coverage-guided fuzzer for software (UEFI, Kernel, firmware, BIOS) built on SIMICS

fuzzing rust security simics

Last synced: 04 Aug 2024

https://github.com/alphaSeclab/fuzzing-stuff

Resources About Fuzzing, For Multiple Platforms And All Popular Fuzzers. 500+ Open Source Tools Sorted By Star Count, 800+ Blog Posts Sorted By Publish Time.

afl american-fuzzy-lop fuzzing go-fuzz libfuzzer oss-fuzz peach syzkaller winafl

Last synced: 04 Aug 2024

https://github.com/fuzzitdev/fuzzit

CLI to integrate continuous fuzzing with Fuzzit (no longer available)

fuzz-testing fuzzing fuzzit security vulnerability

Last synced: 04 Aug 2024

https://github.com/trailofbits/mishegos

A differential fuzzer for x86 decoders

fuzzing hacktoberfest x86

Last synced: 04 Aug 2024

https://github.com/FuzzAnything/Hopper

Hopper is a tool for generating fuzzing test cases for libraries automatically using interpretative fuzzing.

afl api-testing binary fuzz-driver fuzzer fuzzing fuzzing-framework interpreter library-testing rust security testing

Last synced: 01 Aug 2024

https://github.com/profuzzbench/profuzzbench

ProFuzzBench - A Benchmark for Stateful Protocol Fuzzing

benchmarking fuzzing security

Last synced: 03 Aug 2024

https://github.com/rubilmax/foundry-gas-diff

๐Ÿ› ๏ธ Easily track & compare gas costs estimated by Foundry on each of your Pull Requests!

action actions evm forge foundry fuzzing gas github optimization performance report solidity testing tracking

Last synced: 13 Oct 2024

https://github.com/Rubilmax/foundry-gas-diff

๐Ÿ› ๏ธ Easily track & compare gas costs estimated by Foundry on each of your Pull Requests!

action actions evm forge foundry fuzzing gas github optimization performance report solidity testing tracking

Last synced: 04 Aug 2024

https://github.com/epi052/feroxfuzz

A structure-aware HTTP fuzzing library

fuzzing hacktoberfest http testing

Last synced: 01 Nov 2024

https://github.com/AFLplusplus/Grammar-Mutator

A grammar-based custom mutator for AFL++

afl afl-fuzz aflplusplus fuzzing grammar-fuzzer

Last synced: 04 Aug 2024

https://github.com/trailofbits/siderophile

Find the ideal fuzz targets in a Rust codebase

fuzzing program-analysis rust security-testing

Last synced: 03 Nov 2024

https://github.com/carlospolop/fuzzhttpbypass

This tool use fuuzzing to try to bypass unknown authentication methods, who knows...

authentication bypass fuzzing http wfuzz

Last synced: 28 Oct 2024

https://github.com/SoftSec-KAIST/Fuzzing-Survey

The Art, Science, and Engineering of Fuzzing: A Survey

fuzzer fuzzing genealogy-database visualization

Last synced: 03 Aug 2024

https://github.com/ackee-blockchain/trident

Rust-based framework to Fuzz and Integration test Solana programs to help you ship secure code.

anchor fuzz fuzz-testing fuzzer fuzzing rust solana

Last synced: 11 Oct 2024

https://github.com/Ackee-Blockchain/trident

Rust-based framework to Fuzz and Integration test Solana programs to help you ship secure code.

anchor fuzz fuzz-testing fuzzer fuzzing rust solana

Last synced: 13 Oct 2024

https://github.com/ZhangZhuoSJTU/StochFuzz

Sound and Cost-effective Fuzzing of Stripped Binaries by Incremental and Stochastic Rewriting

afl binary-rewriting fuzzing

Last synced: 04 Aug 2024

https://github.com/efchatz/wpaxfuzz

A full-featured open-source Wi-Fi fuzzer

dos exploit fuzzing sae wpa2 wpa3

Last synced: 30 Oct 2024

https://github.com/kazet/wpgarlic

A proof-of-concept WordPress plugin fuzzer

fuzzing security security-tools testing wordpress

Last synced: 02 Aug 2024

https://github.com/efchatz/WPAxFuzz

A full-featured open-source Wi-Fi fuzzer

dos exploit fuzzing sae wpa2 wpa3

Last synced: 01 Aug 2024

https://github.com/youki992/VscanPlus

[VscanPlusๅ†…ๅค–็ฝ‘ๆผๆดžๆ‰ซๆๅทฅๅ…ท]ๅทฒๆ›ดๆ–ฐHW็ƒญ้—จๆผๆดžๆฃ€ๆต‹POCใ€‚ๅŸบไบŽveoๅธˆๅ‚…็š„ๆผๆ‰ซๅทฅๅ…ทvscanไบŒๆฌกๅผ€ๅ‘็š„็‰ˆๆœฌ๏ผŒ็ซฏๅฃๆ‰ซๆใ€ๆŒ‡็บนๆฃ€ๆต‹ใ€็›ฎๅฝ•fuzzใ€ๆผๆดžๆ‰ซๆๅŠŸ่ƒฝๅทฅๅ…ท๏ผŒๆ‰น้‡ๅฟซ้€Ÿๆฃ€ๆต‹็ฝ‘็ซ™ๅฎ‰ๅ…จ้šๆ‚ฃใ€‚An open-source, cross-platform website vulnerability scanning tool that helps you quickly detect website security vulnerabilities.

fingerprint fuzzing nuclei portscan security sql-injection xray

Last synced: 10 Sep 2024

https://github.com/shnatsel/libdiffuzz

Custom memory allocator that helps discover reads from uninitialized memory

fuzz-testing fuzzing memory-allocator sanitizer security security-audit security-testing security-tools

Last synced: 27 Oct 2024

https://github.com/Shnatsel/libdiffuzz

Custom memory allocator that helps discover reads from uninitialized memory

fuzz-testing fuzzing memory-allocator sanitizer security security-audit security-testing security-tools

Last synced: 03 Nov 2024

https://github.com/k0retux/fuddly

Fuzzing and Data Manipulation Framework (for GNU/Linux)

data-manipulation framework fuzzing python security

Last synced: 02 Aug 2024

https://github.com/galli-leo/emmutaler

A set of tools for fuzzing SecureROM. Managed to find and trigger checkm8.

checkm8 fuzzing ios securerom

Last synced: 04 Aug 2024

https://github.com/npryce/snodge

Randomly mutate JSON, XML, HTML forms, text and binary data for fuzz testing

binary forms fuzz-testing fuzzing javascript json jvm kotlin kotlin-library test-driven-development testing text xml

Last synced: 31 Oct 2024

https://github.com/0xf4b1/bsod-kernel-fuzzing

BSOD: Binary-only Scalable fuzzing Of device Drivers

fuzzing kernel qemu

Last synced: 27 Oct 2024

https://github.com/SoftSec-KAIST/Eclipser

Grey-box Concolic Testing on Binary Code (ICSE '19)

concolic-testing fsharp fuzzer fuzzing testcase-generator

Last synced: 02 Aug 2024

https://github.com/quarkslab/samsung-trustzone-research

Reverse-engineering tools and exploits for Samsung's implementation of TrustZone

bindings emulation exploitation fuzzing kinibi reverse-engineering samsung tooling trustzone

Last synced: 02 Aug 2024

https://github.com/MichaelStott/CRLF-Injection-Scanner

Command line tool for testing CRLF injection on a list of domains.

bugbounty cli crlf fuzzer fuzzing security-vulnerability

Last synced: 24 Oct 2024

https://github.com/michaelstott/crlf-injection-scanner

Command line tool for testing CRLF injection on a list of domains.

bugbounty cli crlf fuzzer fuzzing security-vulnerability

Last synced: 01 Nov 2024

https://github.com/elceef/subzuf

a smart DNS response-guided subdomain fuzzer

dns fuzzing subdomain-enumeration

Last synced: 31 Oct 2024

https://github.com/0xricksanchez/fisy-fuzz

This is the full file system fuzzing framework that I presented at the Hack in the Box 2020 Lockdown Edition conference in April.

filesystem freebsd fuzzer fuzzing kernel kernel-panic kernels netbsd openbsd panic security-tools

Last synced: 10 Oct 2024

https://github.com/epi052/fuzzing-101-solutions

Companion repository to the Fuzzing101 with LibAFL series of blog posts.

fuzzing hacktoberfest libafl rust

Last synced: 27 Oct 2024

https://github.com/ksharinarayanan/SourceWolf

Amazingly fast response crawler to find juicy stuff in the source code! ๐Ÿ˜Ž๐Ÿ”ฅ

automation broken-link-hijacking bugbounty fuzzing osint reconnaissance wordlist

Last synced: 02 Aug 2024

https://github.com/Riscure/optee_fuzzer

This repository contains the code for a fuzzing prototype for the OP-TEE system call interface using AFL.

afl fuzzing op-tee trusted-execution-environment

Last synced: 01 Nov 2024

https://github.com/malqr/malqr.github.io

MalQR is a collection of malicious QR Codes and Barcodes you can use to test the security of your scanners.

barcode ci fuzzing payload pentest qrcode sqli xss

Last synced: 03 Aug 2024

https://github.com/ise-uiuc/nnsmith

Automatic DNN generation for fuzzing and more

compiler deep-learning fuzzing machine-learning pytorch tensorflow

Last synced: 11 Oct 2024

https://github.com/HexHive/FuZZan

FuZZan: Efficient Sanitizer Metadata Design for Fuzzing

addresssanitizer fuzzing sanitizer

Last synced: 04 Aug 2024

https://github.com/agroce/afl-compiler-fuzzer

Variation of american fuzzy lop for testing compilers

afl afl-fuzz compiler-testing fuzzing fuzzing-compilers

Last synced: 27 Oct 2024

https://github.com/rust-fuzz/book

๐Ÿ“– Guides and tutorials on how to fuzz Rust code

documentation fuzz-testing fuzzing rust

Last synced: 01 Aug 2024

https://github.com/mozillasecurity/octo

A fuzzing library in JavaScript. โœจ

browser fuzzing fuzzing-framework generators library node random

Last synced: 04 Aug 2024

https://rust-fuzz.github.io/book/

๐Ÿ“– Guides and tutorials on how to fuzz Rust code

documentation fuzz-testing fuzzing rust

Last synced: 25 Oct 2024

https://github.com/FuzzingLabs/cairo-fuzzer

Cairo/Starknet smart contract fuzzer

cairo cairo-lang fuzzer fuzzing starknet

Last synced: 03 Aug 2024

https://github.com/microsoft/sca-fuzzer

Revizor - a fuzzer to search for microarchitectural leaks in CPUs

fuzzing meltdown security side-channel spectre-vulnerability

Last synced: 07 Oct 2024

https://github.com/phayes/sidefuzz

Fuzzer to automatically find side-channel (timing) vulnerabilities

constant-time cryptography dudect fuzzing rust side-channel wasm

Last synced: 03 Nov 2024

https://github.com/Teebytes/TnT-Fuzzer

OpenAPI 2.0 (Swagger) fuzzer written in python. Basically TnT for your API.

fuzzer fuzzing json-api openapi pentesting python security swagger

Last synced: 03 Aug 2024