Top 76 fuzzer open source projects

Structure-aware, in-process, coverage-guided, evolutionary fuzzing engine for Rust functions.

🔭 Lightweight URL fuzzer and spider: Discover a web server's undisclosed files, directories and VHOSTs

High-throughput fuzzer and emulator of DECREE binaries

Fuzz your Rust code with Google-developed Honggfuzz !

gramfuzz is a grammar-based fuzzer that lets one define complex grammars to generate text and binary data formats.

Semantics-aware Code Generation for Finding JS engine Vulnerabilities

Windows NT x64 syscall fuzzer

coverage guided fuzz testing for java

AFL-based fuzz testing for .NET

An extremely fast and flexible web fuzzer

coverage guided fuzz testing for python

Google Protocol Buffers message generator

ANTLR v4 grammar-based test generator

Janus: a state-of-the-art file system fuzzer on Linux

Learn how to combine libprotobuf-mutator with libfuzzer & AFL++

A user-friendly fuzzing and crash triage tool for Windows

Grey-box Concolic Testing on Binary Code

The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!

The Art, Science, and Engineering of Fuzzing: A Survey

Bugs are inevitable. Suffering is optional.

This is the full file system fuzzing framework that I presented at the Hack in the Box 2020 Lockdown Edition conference in April.

A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.

A fuzzing framework for network servers

Command line tool for testing CRLF injection on a list of domains.

Inferred Model-based Fuzzer

A hypervisor or virtual machine monitor (VMM) fuzzer.

Patches to afl to fix bugs or add enhancements

USB testing made easy

pentest framework

Go Fuzzit Example

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

Web path scanner

Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.

DotDotPwn - The Directory Traversal Fuzzer

Ethereum smart contract fuzzer

A collection of fuzzers in a harness for testing the SpiderMonkey JavaScript engine.

coverage guided fuzz testing for javascript

Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem

Documenting the Xilinx 7-series bit-stream format.

Fast web fuzzer written in Go

Generation-based, context-free grammar fuzzer.

Utilities for automated crash sample processing/analysis, easy afl-fuzz job management and corpus optimization

PyJFuzz - Python JSON Fuzzer

syzkaller is an unsupervised coverage-guided kernel fuzzer

SSL and TLS protocol test suite and fuzzer

Web Pentesting Fuzz 字典,一个就够了。

This repository contains full code examples from the book Gray Hat C#

Fast HTTP enumerator

Go Web Application Penetration Test

Black-box fuzzer that fuzzes APIs based on OpenAPI specification. Find bugs for free!

A tool for fuzzing for ports that allow outgoing connections

Fuzzing Unification Framework

Customizable TCP fuzzing tool to test for remote buffer overflows.

Offensive Security Certified Profesional (OSCP) course scripts, some have been generalized

Network based protocol fuzzer

fpicker is a Frida-based fuzzing suite supporting various modes (including AFL++ in-process fuzzing)

Git folder digger, I'm sure it's worthwhile stuff.

Quality assurance testing for the curl project

OWASP ZAP addon for finding vulnerabilities in JWT Implementations

Fast as Flash Web URL Fuzzing tool written in golang.