Awesome Fuzzing

   

📖 Contents

• Code Analysis
• Tools
• Resources
  • Tutorial
• My Other Awesome Lists
• Contributing
• Contributors

Fuzzing (or fuzz testing) is a software testing technique that involves providing unexpected, invalid, or random data (also known as "fuzz") as input to a program to identify potential bugs, security vulnerabilities, and crashes.

Code Analysis

• Opengrep - 🔎 Static code analysis engine to find security issues in code.

Tools

• afl.rs - Fuzzing Rust code with American Fuzzy Lop
• AFL++ - The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
• Honggfuzz - Security oriented software fuzzer.
• libFuzzer - LibFuzzer is an in-process, coverage-guided, evolutionary fuzzing engine.
• OSS-Fuzz - OSS-Fuzz, continuous fuzzing for open source software.
• syzkaller - kernel fuzzer - syzkaller is an unsupervised coverage-guided kernel fuzzer

Resources

Tutorial

• Fuzzing101 - An step by step fuzzing tutorial. A GitHub Security Lab initiative

My Other Awesome Lists

You can access the my other awesome lists here

Contributing

Contributions of any kind welcome, just follow the guidelines!

Contributors

Thanks goes to these contributors!

🔼 Back to top