Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Fuzzing/Fuzz testing
Fuzzing or fuzz testing is an automated software black box testing technique that evaluates the programโs reaction to providing invalid, unexpected, or random data as inputs to a computer program.
- GitHub: https://github.com/topics/fuzzing
- Wikipedia: https://en.wikipedia.org/wiki/Fuzzing
- Created by: Barton Miller
- Released: September 1988
- Related Topics: stress-testing, fault-injection, monkey-testing, random-testing, security-testing, test-automation, mutation-testing, cicd, black-box-testing,
- Aliases: fuzz-testing, api-fuzzing,,
- Last updated: 2024-11-04 00:11:24 UTC
- JSON Representation
https://github.com/MozillaSecurity/dharma
Generation-based, context-free grammar fuzzer. Refer to https://github.com/posidron/dharma for a maintained version.
context-free fuzzer fuzzing generation grammar python random
Last synced: 02 Aug 2024
https://github.com/intel/kernel-fuzzer-for-xen-project
Kernel Fuzzer for Xen Project (KF/x) - Hypervisor-based fuzzing using Xen VM forking, VMI & AFL
afl fuzzing hypervisor linux-kernel xen
Last synced: 28 Sep 2024
https://github.com/mrash/afl-cov
Produce code coverage results with gcov from afl-fuzz test cases
afl-fuzz code-coverage fuzzing gcov
Last synced: 03 Nov 2024
https://github.com/rust-fuzz/honggfuzz-rs
Fuzz your Rust code with Google-developed Honggfuzz !
crates fuzz fuzz-testing fuzzer fuzzing honggfuzz rust rust-fuzz sanitizer security security-testing security-tools
Last synced: 25 Oct 2024
https://google.github.io/clusterfuzzlite/
ClusterFuzzLite - Simple continuous fuzzing that runs in CI.
ci continuous-integration fuzz-testing fuzzing security vulnerabilities
Last synced: 03 Aug 2024
https://github.com/google/clusterfuzzlite
ClusterFuzzLite - Simple continuous fuzzing that runs in CI.
ci continuous-integration fuzz-testing fuzzing security vulnerabilities
Last synced: 01 Aug 2024
https://github.com/loiclec/fuzzcheck-rs
Modular, structure-aware, and feedback-driven fuzzing engine for Rust functions
coverage-guided-fuzzing fuzzer fuzzing grammar-fuzzer property-based-testing rust testing
Last synced: 03 Nov 2024
https://github.com/rc0r/afl-utils
Utilities for automated crash sample processing/analysis, easy afl-fuzz job management and corpus optimization
afl automation crash-reporting fuzzer fuzzing job-management python-3 security triage
Last synced: 28 Sep 2024
https://github.com/rust-fuzz/trophy-case
๐ Collection of bugs uncovered by fuzzing Rust code
fuzz-testing fuzzing rust trophies
Last synced: 01 Aug 2024
https://github.com/xsscx/Commodity-Injection-Signatures
Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
burp burpsuite exploit fuzzing header html http injection injection-signatures input javascript malicious poc random rce xss
Last synced: 04 Aug 2024
https://github.com/Brum3ns/firefly
Black box fuzzer for web applications
black-box-testing blackbox bugbounty fuzz fuzzer fuzzing penetration-testing pentesting security-tools web-security
Last synced: 02 Aug 2024
https://github.com/mseclab/PyJFuzz
PyJFuzz - Python JSON Fuzzer
crash fuzzer fuzzing json json-api json-schema json-serialization process-crashes
Last synced: 25 Oct 2024
https://github.com/mseclab/pyjfuzz
PyJFuzz - Python JSON Fuzzer
crash fuzzer fuzzing json json-api json-schema json-serialization process-crashes
Last synced: 14 Oct 2024
https://github.com/ucsb-seclab/difuze
Fuzzer for Linux Kernel Drivers
android fuzzing kernel vulnerability-detection
Last synced: 03 Nov 2024
https://github.com/fuzzuf/fuzzuf
Fuzzing Unification Framework
afl afl-fuzz fuzz-testing fuzzer fuzzing fuzzing-framework libfuzzer security testing vuzzer
Last synced: 01 Aug 2024
https://github.com/jwilk/python-afl
American Fuzzy Lop fork server and instrumentation for pure-Python code
Last synced: 03 Nov 2024
https://github.com/hgascon/pulsar
Protocol Learning and Stateful Fuzzing
fuzzing networking protocol-learning security simulation vulnerability-identification
Last synced: 03 Nov 2024
https://github.com/LyleMi/papers
Academic papers and articles that I read related to web hacking, fuzzing, etc. / ้ ่ฏป่ฟ็Webๅฎๅ จๆนๅใๆจก็ณๆต่ฏๆนๅ็ไธไบ่ฎบๆไธ้ ่ฏป็ฌ่ฎฐ
awesome fuzzing papers read-papers reading-notes security
Last synced: 04 Aug 2024
https://github.com/andreafioraldi/qasan
QASan is a custom QEMU 3.1.1 that detects memory errors in the guest using AddressSanitizer.
Last synced: 15 Oct 2024
https://github.com/strongcourage/uafuzz
UAFuzz: Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities
Last synced: 04 Aug 2024
https://github.com/owasp-dep-scan/blint
BLint is a Binary Linter to check the security properties, and capabilities in your executables. Since v2, blint is also an SBOM generator for binaries.
binary cyclonedx depscan fuzzing malware sbom supply-chain-analytics supply-chain-security
Last synced: 03 Aug 2024
https://github.com/d4rckh/vaf
Vaf is a cross-platform very advanced and fast web fuzzer written in nim
bruteforce bug-bounty bugbounty burpsuite fuzzer fuzzing hacking hacking-tools nim penetration-testing pentest-tool recon security-tools vaf web xss
Last synced: 03 Nov 2024
https://github.com/hugsy/cfb
Canadian Furious Beaver is a ProcMon-style tool designed only for capturing IRPs sent to any Windows driver.
fuzzing hooking irp irp-monitor kernel vulnerability-research windows windows-driver
Last synced: 26 Oct 2024
https://github.com/rootup/bfuzz
Fuzzing Browsers
browsers domato fuzzing fuzzing-framework
Last synced: 03 Nov 2024
https://github.com/RootUp/BFuzz
Fuzzing Browsers
browsers domato fuzzing fuzzing-framework
Last synced: 01 Nov 2024
https://github.com/MozillaSecurity/grizzly
A cross-platform browser fuzzing framework
automated-testing automation framework fuzz-testing fuzzing python security stability test-framework testcase-reducer testing
Last synced: 04 Aug 2024
https://github.com/hugsy/CFB
Canadian Furious Beaver is a ProcMon-style tool designed only for capturing IRPs sent to any Windows driver.
fuzzing hooking irp irp-monitor kernel vulnerability-research windows windows-driver
Last synced: 04 Aug 2024
https://github.com/RapidDNS/Afuzz
Afuzz is an automated web path fuzzing tool for the Bug Bounty projects.
bugbounty fuzzing pentest pentest-tool pentesting security-tools
Last synced: 04 Aug 2024
https://github.com/zer0yu/berserker
A list of useful payloads for Web Application Security and Pentest/CTF
ctf fuzzing intruder pentest scanner sqli web-application xss xxe
Last synced: 03 Aug 2024
https://github.com/zer0yu/Berserker
A list of useful payloads for Web Application Security and Pentest/CTF
ctf fuzzing intruder pentest scanner sqli web-application xss xxe
Last synced: 25 Oct 2024
https://github.com/MindPatch/lorsrf
Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load :artificial_satellite: :crab:
blindssrf bruteforce bugbounty fuzzing hacking penetration-testing pentesting rust ssrf websecurity
Last synced: 03 Nov 2024
https://github.com/ajinabraham/droid-application-fuzz-framework
Android application fuzzing framework with fuzzers and crash monitor.
android browser corruption crash exploitation fuzzing memory pdf vulnerability
Last synced: 31 Oct 2024
https://github.com/ajinabraham/Droid-Application-Fuzz-Framework
Android application fuzzing framework with fuzzers and crash monitor.
android browser corruption crash exploitation fuzzing memory pdf vulnerability
Last synced: 02 Aug 2024
https://github.com/project-oak/rust-verification-tools
RVT is a collection of tools/libraries to support both static and dynamic verification of Rust programs.
fuzzing klee proptest rust seahorn verification
Last synced: 02 Aug 2024
https://project-oak.github.io/rust-verification-tools/
RVT is a collection of tools/libraries to support both static and dynamic verification of Rust programs.
fuzzing klee proptest rust seahorn verification
Last synced: 03 Aug 2024
https://github.com/CodeIntelligenceTesting/jazzer.js
Coverage-guided, in-process fuzzing for Node.js
fuzzer fuzzing javascript nodejs security testing typescript
Last synced: 03 Aug 2024
https://github.com/Charmve/BLE-Security-Attack-Defence
โจ Purpose only! The dangers of Bluetooth Low Energy๏ผBLE๏ผimplementations: Unveiling zero day vulnerabilities and security flaws in modern Bluetooth LE stacks.
ble ble-security bluefuzz bluetooth-fuzz bluetooth-le bluetooth-low-energy bluetooth-stack bluetoothle fuzzing hacking reverse reverse-proxy stack vulnerability wireless
Last synced: 04 Aug 2024
https://github.com/charmve/ble-security-attack-defence
โจ Purpose only! The dangers of Bluetooth Low Energy๏ผBLE๏ผimplementations: Unveiling zero day vulnerabilities and security flaws in modern Bluetooth LE stacks.
ble ble-security bluefuzz bluetooth-fuzz bluetooth-le bluetooth-low-energy bluetooth-stack bluetoothle fuzzing hacking reverse reverse-proxy stack vulnerability wireless
Last synced: 26 Oct 2024
https://github.com/chrispetrou/FDsploit
File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
directory-traversal directory-traversal-vulnerability enumeration exploitation file-include fuzzing hacking inclusion lfi lfi-shells lfi-vulnerability oscp owasp path-traversal penetration-testing pentesting rfi security security-tools web-security
Last synced: 03 Nov 2024
https://github.com/geeknik/the-nuclei-templates
Nuclei templates written by us.
fuzzing hacking infosec nuclei open-source oss security templates
Last synced: 04 Aug 2024
https://github.com/HexHive/magma
A ground-truth fuzzing benchmark suite based on real programs with real bugs.
Last synced: 03 Aug 2024
https://github.com/microsoft/rest-api-fuzz-testing
REST API Fuzz Testing (RAFT): Source code for self-hosted service developed for Azure, including the API, orchestration engine, and default set of security tools (including MSR's RESTler), that enables developers to embed security tooling into their CI/CD workflows
api devops fuzz fuzzing fuzzing-framework rest rest-api
Last synced: 04 Aug 2024
https://github.com/d0c-s4vage/gramfuzz
gramfuzz is a grammar-based fuzzer that lets one define complex grammars to generate text and binary data formats.
complex-grammars fuzzer fuzzing grammar parsing
Last synced: 30 Oct 2024
https://github.com/xyntax/filesensor
Dynamic file detection tool based on crawler ๅบไบ็ฌ่ซ็ๅจๆๆๆๆไปถๆขๆตๅทฅๅ ท
crawler fuzzing pentesting scrapy
Last synced: 31 Oct 2024
https://github.com/intel/tsffs
A snapshotting, coverage-guided fuzzer for software (UEFI, Kernel, firmware, BIOS) built on SIMICS
Last synced: 04 Aug 2024
https://github.com/mc-imperial/jfs
Constraint solver based on coverage-guided fuzzing
constraint-solver coverage-guided-fuzzing floating-point-arithmetic fuzzing jit libfuzzer llvm smtlib smtlibv2 z3
Last synced: 02 Aug 2024
https://github.com/strongcourage/fuzzing-corpus
My fuzzing corpus
corpus file-format fuzzing testsuite vulnerability
Last synced: 26 Sep 2024
https://github.com/alphaSeclab/fuzzing-stuff
Resources About Fuzzing, For Multiple Platforms And All Popular Fuzzers. 500+ Open Source Tools Sorted By Star Count, 800+ Blog Posts Sorted By Publish Time.
afl american-fuzzy-lop fuzzing go-fuzz libfuzzer oss-fuzz peach syzkaller winafl
Last synced: 04 Aug 2024
https://github.com/ivan-sincek/forbidden
Bypass 4xx HTTP response status codes and more. Based on PycURL and Python Requests.
401 403 broken-access-controls brute-force bug-bounty bypass curl ethical-hacking fuzzing offensive-security open-redirect owasp-top-10 penetration-testing pycurl python python-requests red-team-engagement security web web-penetration-testing
Last synced: 14 Oct 2024
https://github.com/fuzzitdev/fuzzit
CLI to integrate continuous fuzzing with Fuzzit (no longer available)
fuzz-testing fuzzing fuzzit security vulnerability
Last synced: 04 Aug 2024
https://github.com/trailofbits/mishegos
A differential fuzzer for x86 decoders
Last synced: 04 Aug 2024
https://github.com/FuzzAnything/Hopper
Hopper is a tool for generating fuzzing test cases for libraries automatically using interpretative fuzzing.
afl api-testing binary fuzz-driver fuzzer fuzzing fuzzing-framework interpreter library-testing rust security testing
Last synced: 01 Aug 2024
https://github.com/profuzzbench/profuzzbench
ProFuzzBench - A Benchmark for Stateful Protocol Fuzzing
Last synced: 03 Aug 2024
https://github.com/rubilmax/foundry-gas-diff
๐ ๏ธ Easily track & compare gas costs estimated by Foundry on each of your Pull Requests!
action actions evm forge foundry fuzzing gas github optimization performance report solidity testing tracking
Last synced: 13 Oct 2024
https://github.com/Rubilmax/foundry-gas-diff
๐ ๏ธ Easily track & compare gas costs estimated by Foundry on each of your Pull Requests!
action actions evm forge foundry fuzzing gas github optimization performance report solidity testing tracking
Last synced: 04 Aug 2024
https://github.com/epi052/feroxfuzz
A structure-aware HTTP fuzzing library
fuzzing hacktoberfest http testing
Last synced: 01 Nov 2024
https://github.com/AFLplusplus/Grammar-Mutator
A grammar-based custom mutator for AFL++
afl afl-fuzz aflplusplus fuzzing grammar-fuzzer
Last synced: 04 Aug 2024
https://github.com/trailofbits/siderophile
Find the ideal fuzz targets in a Rust codebase
fuzzing program-analysis rust security-testing
Last synced: 03 Nov 2024
https://github.com/carlospolop/fuzzhttpbypass
This tool use fuuzzing to try to bypass unknown authentication methods, who knows...
authentication bypass fuzzing http wfuzz
Last synced: 28 Oct 2024
https://github.com/renatahodovan/fuzzinator
Fuzzinator Random Testing Framework
bughunting fuzzing fuzzing-framework hacktoberfest random-testing security test-automation
Last synced: 07 Aug 2024
https://github.com/SoftSec-KAIST/Fuzzing-Survey
The Art, Science, and Engineering of Fuzzing: A Survey
fuzzer fuzzing genealogy-database visualization
Last synced: 03 Aug 2024
https://github.com/Ackee-Blockchain/trident
Rust-based framework to Fuzz and Integration test Solana programs to help you ship secure code.
anchor fuzz fuzz-testing fuzzer fuzzing rust solana
Last synced: 13 Oct 2024
https://github.com/ackee-blockchain/trident
Rust-based framework to Fuzz and Integration test Solana programs to help you ship secure code.
anchor fuzz fuzz-testing fuzzer fuzzing rust solana
Last synced: 11 Oct 2024
https://github.com/ZhangZhuoSJTU/StochFuzz
Sound and Cost-effective Fuzzing of Stripped Binaries by Incremental and Stochastic Rewriting
Last synced: 04 Aug 2024
https://github.com/kazet/wpgarlic
A proof-of-concept WordPress plugin fuzzer
fuzzing security security-tools testing wordpress
Last synced: 02 Aug 2024
https://github.com/trickest/mkpath
Make URL path combinations using a wordlist
bugbountytips directory-bruteforce enumeration fuzzing penetration-testing penetration-testing-tools pentesting pentesting-tools recon reconnaissance security webappsecurity
Last synced: 04 Aug 2024
https://github.com/youki992/VscanPlus
[VscanPlusๅ ๅค็ฝๆผๆดๆซๆๅทฅๅ ท]ๅทฒๆดๆฐHW็ญ้จๆผๆดๆฃๆตPOCใๅบไบveoๅธๅ ็ๆผๆซๅทฅๅ ทvscanไบๆฌกๅผๅ็็ๆฌ๏ผ็ซฏๅฃๆซๆใๆ็บนๆฃๆตใ็ฎๅฝfuzzใๆผๆดๆซๆๅ่ฝๅทฅๅ ท๏ผๆน้ๅฟซ้ๆฃๆต็ฝ็ซๅฎๅ จ้ๆฃใAn open-source, cross-platform website vulnerability scanning tool that helps you quickly detect website security vulnerabilities.
fingerprint fuzzing nuclei portscan security sql-injection xray
Last synced: 10 Sep 2024
https://github.com/shnatsel/libdiffuzz
Custom memory allocator that helps discover reads from uninitialized memory
fuzz-testing fuzzing memory-allocator sanitizer security security-audit security-testing security-tools
Last synced: 27 Oct 2024
https://github.com/Shnatsel/libdiffuzz
Custom memory allocator that helps discover reads from uninitialized memory
fuzz-testing fuzzing memory-allocator sanitizer security security-audit security-testing security-tools
Last synced: 03 Nov 2024
https://github.com/k0retux/fuddly
Fuzzing and Data Manipulation Framework (for GNU/Linux)
data-manipulation framework fuzzing python security
Last synced: 02 Aug 2024
https://github.com/galli-leo/emmutaler
A set of tools for fuzzing SecureROM. Managed to find and trigger checkm8.
Last synced: 04 Aug 2024
https://github.com/npryce/snodge
Randomly mutate JSON, XML, HTML forms, text and binary data for fuzz testing
binary forms fuzz-testing fuzzing javascript json jvm kotlin kotlin-library test-driven-development testing text xml
Last synced: 31 Oct 2024
https://github.com/0xf4b1/bsod-kernel-fuzzing
BSOD: Binary-only Scalable fuzzing Of device Drivers
Last synced: 27 Oct 2024
https://github.com/SoftSec-KAIST/Eclipser
Grey-box Concolic Testing on Binary Code (ICSE '19)
concolic-testing fsharp fuzzer fuzzing testcase-generator
Last synced: 02 Aug 2024
https://github.com/quarkslab/samsung-trustzone-research
Reverse-engineering tools and exploits for Samsung's implementation of TrustZone
bindings emulation exploitation fuzzing kinibi reverse-engineering samsung tooling trustzone
Last synced: 02 Aug 2024
https://github.com/elceef/subzuf
a smart DNS response-guided subdomain fuzzer
dns fuzzing subdomain-enumeration
Last synced: 31 Oct 2024
https://github.com/michaelstott/crlf-injection-scanner
Command line tool for testing CRLF injection on a list of domains.
bugbounty cli crlf fuzzer fuzzing security-vulnerability
Last synced: 01 Nov 2024
https://github.com/MichaelStott/CRLF-Injection-Scanner
Command line tool for testing CRLF injection on a list of domains.
bugbounty cli crlf fuzzer fuzzing security-vulnerability
Last synced: 24 Oct 2024
https://github.com/0xricksanchez/fisy-fuzz
This is the full file system fuzzing framework that I presented at the Hack in the Box 2020 Lockdown Edition conference in April.
filesystem freebsd fuzzer fuzzing kernel kernel-panic kernels netbsd openbsd panic security-tools
Last synced: 10 Oct 2024
https://github.com/ksharinarayanan/SourceWolf
Amazingly fast response crawler to find juicy stuff in the source code! ๐๐ฅ
automation broken-link-hijacking bugbounty fuzzing osint reconnaissance wordlist
Last synced: 02 Aug 2024
https://github.com/epi052/fuzzing-101-solutions
Companion repository to the Fuzzing101 with LibAFL series of blog posts.
fuzzing hacktoberfest libafl rust
Last synced: 27 Oct 2024
https://github.com/YasserGersy/cazador_unr
Hacking tools
automation bugbounty bugcrowd bughunting csrf directory-lister dns fuzzing hackerone hacking http information-gathering-tools owasp poc pocgenerator rce sqli subdomains tcp xss
Last synced: 04 Aug 2024
https://github.com/Riscure/optee_fuzzer
This repository contains the code for a fuzzing prototype for the OP-TEE system call interface using AFL.
afl fuzzing op-tee trusted-execution-environment
Last synced: 01 Nov 2024
https://github.com/refIekt/reflekt
Reflective testing.
fuzzing generative reflection reflective-testing reflekt testing
Last synced: 06 Aug 2024
https://github.com/ise-uiuc/nnsmith
Automatic DNN generation for fuzzing and more
compiler deep-learning fuzzing machine-learning pytorch tensorflow
Last synced: 11 Oct 2024
https://github.com/rust-fuzz/book
๐ Guides and tutorials on how to fuzz Rust code
documentation fuzz-testing fuzzing rust
Last synced: 01 Aug 2024
https://github.com/agroce/afl-compiler-fuzzer
Variation of american fuzzy lop for testing compilers
afl afl-fuzz compiler-testing fuzzing fuzzing-compilers
Last synced: 27 Oct 2024
https://rust-fuzz.github.io/book/
๐ Guides and tutorials on how to fuzz Rust code
documentation fuzz-testing fuzzing rust
Last synced: 25 Oct 2024
https://github.com/HexHive/FuZZan
FuZZan: Efficient Sanitizer Metadata Design for Fuzzing
addresssanitizer fuzzing sanitizer
Last synced: 04 Aug 2024
https://github.com/mozillasecurity/octo
A fuzzing library in JavaScript. โจ
browser fuzzing fuzzing-framework generators library node random
Last synced: 04 Aug 2024
https://github.com/FuzzingLabs/cairo-fuzzer
Cairo/Starknet smart contract fuzzer
cairo cairo-lang fuzzer fuzzing starknet
Last synced: 03 Aug 2024
https://github.com/microsoft/sca-fuzzer
Revizor - a fuzzer to search for microarchitectural leaks in CPUs
fuzzing meltdown security side-channel spectre-vulnerability
Last synced: 07 Oct 2024
https://github.com/ehmicky/test-each
๐ค Repeat tests. Repeat tests. Repeat tests.
cartesian code-quality data-driven data-driven-testing data-driven-tests es6 foreach functional-programming fuzz fuzz-testing fuzzing iterable javascript library nodejs snapshot-testing test test-automation testing typescript
Last synced: 26 Oct 2024
https://github.com/phayes/sidefuzz
Fuzzer to automatically find side-channel (timing) vulnerabilities
constant-time cryptography dudect fuzzing rust side-channel wasm
Last synced: 03 Nov 2024
https://github.com/Teebytes/TnT-Fuzzer
OpenAPI 2.0 (Swagger) fuzzer written in python. Basically TnT for your API.
fuzzer fuzzing json-api openapi pentesting python security swagger
Last synced: 03 Aug 2024
