Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Fuzzing/Fuzz testing
Fuzzing or fuzz testing is an automated software black box testing technique that evaluates the program’s reaction to providing invalid, unexpected, or random data as inputs to a computer program.
- GitHub: https://github.com/topics/fuzzing
- Wikipedia: https://en.wikipedia.org/wiki/Fuzzing
- Created by: Barton Miller
- Released: September 1988
- Related Topics: stress-testing, fault-injection, monkey-testing, random-testing, security-testing, test-automation, mutation-testing, cicd, black-box-testing,
- Aliases: fuzz-testing, api-fuzzing,,
- Last updated: 2024-12-25 00:11:07 UTC
- JSON Representation
https://github.com/r1cksec/cheatsheets
Collection of knowledge about information security
active-directory bash cheatsheets fuzzing linux pentest powershell redteam snippets windows
Last synced: 05 Nov 2024
https://github.com/sslab-gatech/winnie
Winnie is an end-to-end system that makes fuzzing Windows applications easy
afl-fuzz fuzzing winafl windows
Last synced: 22 Dec 2024
https://github.com/ex0dus-0x/fuzzable
Framework for Automating Fuzzable Target Discovery with Static Analysis.
binary-analysis fuzzing reverse-engineering security security-tools static-analysis
Last synced: 23 Dec 2024
https://github.com/abhisharma404/vault
swiss army knife for hackers
crawler fuzzing hacking hacking-tool information-gathering lfi networking offensive-security osint pentesting port-scanner python rfi scanner scrapy security sqlite ssl-inspection vault xss-vulnerability
Last synced: 03 Nov 2024
https://github.com/MozillaSecurity/dharma
Generation-based, context-free grammar fuzzer. Refer to https://github.com/posidron/dharma for a maintained version.
context-free fuzzer fuzzing generation grammar python random
Last synced: 09 Nov 2024
https://github.com/mozillasecurity/dharma
Generation-based, context-free grammar fuzzer. Refer to https://github.com/posidron/dharma for a maintained version.
context-free fuzzer fuzzing generation grammar python random
Last synced: 03 Nov 2024
https://github.com/mrash/afl-cov
Produce code coverage results with gcov from afl-fuzz test cases
afl-fuzz code-coverage fuzzing gcov
Last synced: 21 Dec 2024
https://github.com/intel/kernel-fuzzer-for-xen-project
Kernel Fuzzer for Xen Project (KF/x) - Hypervisor-based fuzzing using Xen VM forking, VMI & AFL
afl fuzzing hypervisor linux-kernel xen
Last synced: 28 Sep 2024
https://github.com/rust-fuzz/honggfuzz-rs
Fuzz your Rust code with Google-developed Honggfuzz !
crates fuzz fuzz-testing fuzzer fuzzing honggfuzz rust rust-fuzz sanitizer security security-testing security-tools
Last synced: 21 Dec 2024
https://google.github.io/clusterfuzzlite/
ClusterFuzzLite - Simple continuous fuzzing that runs in CI.
ci continuous-integration fuzz-testing fuzzing security vulnerabilities
Last synced: 14 Nov 2024
https://github.com/google/clusterfuzzlite
ClusterFuzzLite - Simple continuous fuzzing that runs in CI.
ci continuous-integration fuzz-testing fuzzing security vulnerabilities
Last synced: 06 Nov 2024
https://github.com/mariovilas/winappdbg
WinAppDbg Debugger
crash-dump debugger fuzzing infosec malware-analysis malware-research python winappdbg windows
Last synced: 21 Dec 2024
https://github.com/loiclec/fuzzcheck-rs
Modular, structure-aware, and feedback-driven fuzzing engine for Rust functions
coverage-guided-fuzzing fuzzer fuzzing grammar-fuzzer property-based-testing rust testing
Last synced: 03 Nov 2024
https://github.com/rust-fuzz/trophy-case
🏆 Collection of bugs uncovered by fuzzing Rust code
fuzz-testing fuzzing rust trophies
Last synced: 22 Dec 2024
https://github.com/rc0r/afl-utils
Utilities for automated crash sample processing/analysis, easy afl-fuzz job management and corpus optimization
afl automation crash-reporting fuzzer fuzzing job-management python-3 security triage
Last synced: 28 Sep 2024
https://github.com/xsscx/commodity-injection-signatures
Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
burp burpsuite exploit fuzzing header html http injection injection-signatures input javascript malicious poc random rce xss
Last synced: 23 Dec 2024
https://github.com/xsscx/Commodity-Injection-Signatures
Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
burp burpsuite exploit fuzzing header html http injection injection-signatures input javascript malicious poc random rce xss
Last synced: 21 Nov 2024
https://github.com/Brum3ns/firefly
Black box fuzzer for web applications
black-box-testing blackbox bugbounty fuzz fuzzer fuzzing penetration-testing pentesting security-tools web-security
Last synced: 09 Nov 2024
https://github.com/ossf/fuzz-introspector
Fuzz Introspector -- introspect, extend and optimise fuzzers
fuzz-testing fuzzing security security-research testing vulnerability-analysis
Last synced: 22 Dec 2024
https://github.com/mseclab/pyjfuzz
PyJFuzz - Python JSON Fuzzer
crash fuzzer fuzzing json json-api json-schema json-serialization process-crashes
Last synced: 20 Dec 2024
https://github.com/mseclab/PyJFuzz
PyJFuzz - Python JSON Fuzzer
crash fuzzer fuzzing json json-api json-schema json-serialization process-crashes
Last synced: 25 Oct 2024
https://github.com/ucsb-seclab/difuze
Fuzzer for Linux Kernel Drivers
android fuzzing kernel vulnerability-detection
Last synced: 03 Nov 2024
https://github.com/fuzzuf/fuzzuf
Fuzzing Unification Framework
afl afl-fuzz fuzz-testing fuzzer fuzzing fuzzing-framework libfuzzer security testing vuzzer
Last synced: 06 Nov 2024
https://github.com/jwilk/python-afl
American Fuzzy Lop fork server and instrumentation for pure-Python code
Last synced: 23 Dec 2024
https://github.com/LyleMi/papers
Academic papers and articles that I read related to web hacking, fuzzing, etc. / 阅读过的Web安全方向、模糊测试方向的一些论文与阅读笔记
awesome fuzzing papers read-papers reading-notes security
Last synced: 21 Nov 2024
https://github.com/hgascon/pulsar
Protocol Learning and Stateful Fuzzing
fuzzing networking protocol-learning security simulation vulnerability-identification
Last synced: 03 Nov 2024
https://github.com/owasp-dep-scan/blint
BLint is a Binary Linter to check the security properties, and capabilities in your executables. Since v2, blint is also an SBOM generator for binaries.
binary cyclonedx depscan fuzzing malware sbom supply-chain-analytics supply-chain-security
Last synced: 14 Nov 2024
https://github.com/strongcourage/uafuzz
UAFuzz: Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities
Last synced: 21 Nov 2024
https://github.com/andreafioraldi/qasan
QASan is a custom QEMU 3.1.1 that detects memory errors in the guest using AddressSanitizer.
Last synced: 15 Oct 2024
https://github.com/renatahodovan/grammarinator
ANTLR v4 grammar-based test generator
antlr4 bughunting fuzzer fuzzing grammar-based-testing hacktoberfest random-testing security test-automation
Last synced: 25 Dec 2024
https://github.com/hugsy/cfb
Canadian Furious Beaver is a ProcMon-style tool designed only for capturing IRPs sent to any Windows driver.
fuzzing hooking irp irp-monitor kernel vulnerability-research windows windows-driver
Last synced: 23 Dec 2024
https://github.com/d4rckh/vaf
Vaf is a cross-platform very advanced and fast web fuzzer written in nim
bruteforce bug-bounty bugbounty burpsuite fuzzer fuzzing hacking hacking-tools nim penetration-testing pentest-tool recon security-tools vaf web xss
Last synced: 03 Nov 2024
https://github.com/rootup/bfuzz
Fuzzing Browsers
browsers domato fuzzing fuzzing-framework
Last synced: 12 Nov 2024
https://github.com/hugsy/CFB
Canadian Furious Beaver is a ProcMon-style tool designed only for capturing IRPs sent to any Windows driver.
fuzzing hooking irp irp-monitor kernel vulnerability-research windows windows-driver
Last synced: 21 Nov 2024
https://github.com/RootUp/BFuzz
Fuzzing Browsers
browsers domato fuzzing fuzzing-framework
Last synced: 01 Nov 2024
https://github.com/MozillaSecurity/grizzly
A cross-platform browser fuzzing framework
automated-testing automation framework fuzz-testing fuzzing python security stability test-framework testcase-reducer testing
Last synced: 20 Nov 2024
https://github.com/RapidDNS/Afuzz
Afuzz is an automated web path fuzzing tool for the Bug Bounty projects.
bugbounty fuzzing pentest pentest-tool pentesting security-tools
Last synced: 21 Nov 2024
https://github.com/zer0yu/berserker
A list of useful payloads for Web Application Security and Pentest/CTF
ctf fuzzing intruder pentest scanner sqli web-application xss xxe
Last synced: 23 Dec 2024
https://github.com/mindpatch/lorsrf
Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load :artificial_satellite: :crab:
blindssrf bruteforce bugbounty fuzzing hacking penetration-testing pentesting rust ssrf websecurity
Last synced: 23 Dec 2024
https://github.com/codeintelligencetesting/jazzer.js
Coverage-guided, in-process fuzzing for Node.js
fuzzer fuzzing javascript nodejs security testing typescript
Last synced: 22 Dec 2024
https://github.com/HexHive/magma
A ground-truth fuzzing benchmark suite based on real programs with real bugs.
Last synced: 18 Nov 2024
https://github.com/CodeIntelligenceTesting/jazzer.js
Coverage-guided, in-process fuzzing for Node.js
fuzzer fuzzing javascript nodejs security testing typescript
Last synced: 14 Nov 2024
https://github.com/ajinabraham/droid-application-fuzz-framework
Android application fuzzing framework with fuzzers and crash monitor.
android browser corruption crash exploitation fuzzing memory pdf vulnerability
Last synced: 25 Dec 2024
https://github.com/zer0yu/Berserker
A list of useful payloads for Web Application Security and Pentest/CTF
ctf fuzzing intruder pentest scanner sqli web-application xss xxe
Last synced: 25 Oct 2024
https://github.com/ajinabraham/Droid-Application-Fuzz-Framework
Android application fuzzing framework with fuzzers and crash monitor.
android browser corruption crash exploitation fuzzing memory pdf vulnerability
Last synced: 13 Nov 2024
https://github.com/MindPatch/lorsrf
Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load :artificial_satellite: :crab:
blindssrf bruteforce bugbounty fuzzing hacking penetration-testing pentesting rust ssrf websecurity
Last synced: 03 Nov 2024
https://github.com/hexhive/magma
A ground-truth fuzzing benchmark suite based on real programs with real bugs.
Last synced: 12 Nov 2024
https://project-oak.github.io/rust-verification-tools/
RVT is a collection of tools/libraries to support both static and dynamic verification of Rust programs.
fuzzing klee proptest rust seahorn verification
Last synced: 16 Nov 2024
https://github.com/project-oak/rust-verification-tools
RVT is a collection of tools/libraries to support both static and dynamic verification of Rust programs.
fuzzing klee proptest rust seahorn verification
Last synced: 09 Nov 2024
https://github.com/Charmve/BLE-Security-Attack-Defence
✨ Purpose only! The dangers of Bluetooth Low Energy(BLE)implementations: Unveiling zero day vulnerabilities and security flaws in modern Bluetooth LE stacks.
ble ble-security bluefuzz bluetooth-fuzz bluetooth-le bluetooth-low-energy bluetooth-stack bluetoothle fuzzing hacking reverse reverse-proxy stack vulnerability wireless
Last synced: 21 Nov 2024
https://github.com/charmve/ble-security-attack-defence
✨ Purpose only! The dangers of Bluetooth Low Energy(BLE)implementations: Unveiling zero day vulnerabilities and security flaws in modern Bluetooth LE stacks.
ble ble-security bluefuzz bluetooth-fuzz bluetooth-le bluetooth-low-energy bluetooth-stack bluetoothle fuzzing hacking reverse reverse-proxy stack vulnerability wireless
Last synced: 24 Dec 2024
https://github.com/geeknik/the-nuclei-templates
Nuclei templates written by us.
fuzzing hacking infosec nuclei open-source oss security templates
Last synced: 21 Nov 2024
https://github.com/chrispetrou/FDsploit
File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
directory-traversal directory-traversal-vulnerability enumeration exploitation file-include fuzzing hacking inclusion lfi lfi-shells lfi-vulnerability oscp owasp path-traversal penetration-testing pentesting rfi security security-tools web-security
Last synced: 03 Nov 2024
https://github.com/microsoft/rest-api-fuzz-testing
REST API Fuzz Testing (RAFT): Source code for self-hosted service developed for Azure, including the API, orchestration engine, and default set of security tools (including MSR's RESTler), that enables developers to embed security tooling into their CI/CD workflows
api devops fuzz fuzzing fuzzing-framework rest rest-api
Last synced: 21 Nov 2024
https://github.com/d0c-s4vage/gramfuzz
gramfuzz is a grammar-based fuzzer that lets one define complex grammars to generate text and binary data formats.
complex-grammars fuzzer fuzzing grammar parsing
Last synced: 23 Dec 2024
https://github.com/xyntax/filesensor
Dynamic file detection tool based on crawler 基于爬虫的动态敏感文件探测工具
crawler fuzzing pentesting scrapy
Last synced: 25 Dec 2024
https://github.com/intel/tsffs
A snapshotting, coverage-guided fuzzer for software (UEFI, Kernel, firmware, BIOS) built on SIMICS
Last synced: 18 Nov 2024
https://github.com/trailofbits/mishegos
A differential fuzzer for x86 decoders
Last synced: 25 Dec 2024
https://github.com/mc-imperial/jfs
Constraint solver based on coverage-guided fuzzing
constraint-solver coverage-guided-fuzzing floating-point-arithmetic fuzzing jit libfuzzer llvm smtlib smtlibv2 z3
Last synced: 09 Nov 2024
https://github.com/alphaSeclab/fuzzing-stuff
Resources About Fuzzing, For Multiple Platforms And All Popular Fuzzers. 500+ Open Source Tools Sorted By Star Count, 800+ Blog Posts Sorted By Publish Time.
afl american-fuzzy-lop fuzzing go-fuzz libfuzzer oss-fuzz peach syzkaller winafl
Last synced: 21 Nov 2024
https://github.com/ispras/casr
Collect crash (or UndefinedBehaviorSanitizer error) reports, triage, and estimate severity.
afl aflplusplus apport appsec coredump crash crash-reporting devsecops dynamic-analysis exploitable fuzzing gdb libfuzzer rust sdl security ssdlc testing triage vulnerability-management
Last synced: 25 Dec 2024
https://github.com/aflplusplus/grammar-mutator
A grammar-based custom mutator for AFL++
afl afl-fuzz aflplusplus fuzzing grammar-fuzzer
Last synced: 25 Dec 2024
https://github.com/carlospolop/fuzzhttpbypass
This tool use fuuzzing to try to bypass unknown authentication methods, who knows...
authentication bypass fuzzing http wfuzz
Last synced: 25 Dec 2024
https://github.com/strongcourage/fuzzing-corpus
My fuzzing corpus
corpus file-format fuzzing testsuite vulnerability
Last synced: 26 Sep 2024
https://github.com/alphaseclab/fuzzing-stuff
Resources About Fuzzing, For Multiple Platforms And All Popular Fuzzers. 500+ Open Source Tools Sorted By Star Count, 800+ Blog Posts Sorted By Publish Time.
afl american-fuzzy-lop fuzzing go-fuzz libfuzzer oss-fuzz peach syzkaller winafl
Last synced: 09 Nov 2024
https://github.com/AFLplusplus/Grammar-Mutator
A grammar-based custom mutator for AFL++
afl afl-fuzz aflplusplus fuzzing grammar-fuzzer
Last synced: 21 Nov 2024
https://github.com/ivan-sincek/forbidden
Bypass 4xx HTTP response status codes and more. Based on PycURL and Python Requests.
401 403 broken-access-controls brute-force bug-bounty bypass curl ethical-hacking fuzzing offensive-security open-redirect owasp-top-10 penetration-testing pycurl python python-requests red-team-engagement security web web-penetration-testing
Last synced: 21 Dec 2024
https://github.com/FuzzAnything/Hopper
Hopper is a tool for generating fuzzing test cases for libraries automatically using interpretative fuzzing.
afl api-testing binary fuzz-driver fuzzer fuzzing fuzzing-framework interpreter library-testing rust security testing
Last synced: 09 Nov 2024
https://github.com/fuzzitdev/fuzzit
CLI to integrate continuous fuzzing with Fuzzit (no longer available)
fuzz-testing fuzzing fuzzit security vulnerability
Last synced: 21 Nov 2024
https://github.com/rust-fuzz/libfuzzer
Rust bindings and utilities for LLVM’s libFuzzer
fuzz-testing fuzzing libfuzzer rust
Last synced: 14 Dec 2024
https://github.com/softsec-kaist/fuzzing-survey
The Art, Science, and Engineering of Fuzzing: A Survey
fuzzer fuzzing genealogy-database visualization
Last synced: 20 Dec 2024
https://github.com/sslab-gatech/janus
Janus: a state-of-the-art file system fuzzer on Linux
btrfs ext4 f2fs filesystem fuzzer fuzzing lkl
Last synced: 12 Nov 2024
https://github.com/ackee-blockchain/trident
Rust-based framework to Fuzz Solana programs, designed to help you ship secure code.
anchor fuzz fuzz-testing fuzzer fuzzing rust solana
Last synced: 21 Dec 2024
https://github.com/SoftSec-KAIST/Fuzzing-Survey
The Art, Science, and Engineering of Fuzzing: A Survey
fuzzer fuzzing genealogy-database visualization
Last synced: 16 Nov 2024
https://github.com/profuzzbench/profuzzbench
ProFuzzBench - A Benchmark for Stateful Protocol Fuzzing
Last synced: 18 Nov 2024
https://github.com/trailofbits/siderophile
Find the ideal fuzz targets in a Rust codebase
fuzzing program-analysis rust security-testing
Last synced: 21 Dec 2024
https://github.com/rubilmax/foundry-gas-diff
🛠️ Easily track & compare gas costs estimated by Foundry on each of your Pull Requests!
action actions evm forge foundry fuzzing gas github optimization performance report solidity testing tracking
Last synced: 25 Dec 2024
https://github.com/Rubilmax/foundry-gas-diff
🛠️ Easily track & compare gas costs estimated by Foundry on each of your Pull Requests!
action actions evm forge foundry fuzzing gas github optimization performance report solidity testing tracking
Last synced: 18 Nov 2024
https://github.com/epi052/feroxfuzz
A structure-aware HTTP fuzzing library
fuzzing hacktoberfest http testing
Last synced: 21 Dec 2024
https://github.com/renatahodovan/fuzzinator
Fuzzinator Random Testing Framework
bughunting fuzzing fuzzing-framework hacktoberfest random-testing security test-automation
Last synced: 24 Dec 2024
https://github.com/zhangzhuosjtu/stochfuzz
Sound and Cost-effective Fuzzing of Stripped Binaries by Incremental and Stochastic Rewriting
Last synced: 19 Dec 2024
https://github.com/Ackee-Blockchain/trident
Rust-based framework to Fuzz and Integration test Solana programs to help you ship secure code.
anchor fuzz fuzz-testing fuzzer fuzzing rust solana
Last synced: 13 Oct 2024
https://github.com/ZhangZhuoSJTU/StochFuzz
Sound and Cost-effective Fuzzing of Stripped Binaries by Incremental and Stochastic Rewriting
Last synced: 21 Nov 2024
https://github.com/nescau-ufla/fuzzingtool
Software for fuzzing, used on web application pentestings.
bruteforce fuzzer fuzzing pentesting-tools python3 web web-fuzzer
Last synced: 22 Dec 2024
https://github.com/kazet/wpgarlic
A proof-of-concept WordPress plugin fuzzer
fuzzing security security-tools testing wordpress
Last synced: 09 Nov 2024
https://github.com/trickest/mkpath
Make URL path combinations using a wordlist
bugbountytips directory-bruteforce enumeration fuzzing penetration-testing penetration-testing-tools pentesting pentesting-tools recon reconnaissance security webappsecurity
Last synced: 21 Nov 2024
https://github.com/samsung/utopia
UT based automated fuzz driver generation
Last synced: 23 Dec 2024
https://github.com/youki992/VscanPlus
[VscanPlus内外网漏洞扫描工具]已更新HW热门漏洞检测POC。基于veo师傅的漏扫工具vscan二次开发的版本,端口扫描、指纹检测、目录fuzz、漏洞扫描功能工具,批量快速检测网站安全隐患。An open-source, cross-platform website vulnerability scanning tool that helps you quickly detect website security vulnerabilities.
fingerprint fuzzing nuclei portscan security sql-injection xray
Last synced: 10 Sep 2024
https://github.com/shnatsel/libdiffuzz
Custom memory allocator that helps discover reads from uninitialized memory
fuzz-testing fuzzing memory-allocator sanitizer security security-audit security-testing security-tools
Last synced: 27 Oct 2024
https://github.com/Shnatsel/libdiffuzz
Custom memory allocator that helps discover reads from uninitialized memory
fuzz-testing fuzzing memory-allocator sanitizer security security-audit security-testing security-tools
Last synced: 03 Nov 2024
https://github.com/k0retux/fuddly
Fuzzing and Data Manipulation Framework (for GNU/Linux)
data-manipulation framework fuzzing python security
Last synced: 09 Nov 2024
https://github.com/galli-leo/emmutaler
A set of tools for fuzzing SecureROM. Managed to find and trigger checkm8.
Last synced: 21 Nov 2024
https://github.com/npryce/snodge
Randomly mutate JSON, XML, HTML forms, text and binary data for fuzz testing
binary forms fuzz-testing fuzzing javascript json jvm kotlin kotlin-library test-driven-development testing text xml
Last synced: 26 Dec 2024
https://github.com/yuawn/fuzzing
Fuzzing tutorial with easy-to-learn labs 🚀
101 afl automation education fuzz-testing fuzzing instrumentation klee llvm security-testing securtiy symbolic-execution testing tutorial vulnerability
Last synced: 15 Dec 2024
https://github.com/0xf4b1/bsod-kernel-fuzzing
BSOD: Binary-only Scalable fuzzing Of device Drivers
Last synced: 27 Oct 2024