Top 239 fuzzing open source projects

Android application fuzzing framework with fuzzers and crash monitor.

Structure-aware, in-process, coverage-guided, evolutionary fuzzing engine for Rust functions.

QASan is a custom QEMU 3.1.1 that detects memory errors in the guest using AddressSanitizer.

A cross-platform browser fuzzing framework

This project contains the source code for the CERT Basic Fuzzing Framework (BFF) and the CERT Failure Observation Engine (FOE).

Dynamic file detection tool based on crawler 基于爬虫的动态敏感文件探测工具

A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

🏆 Collection of bugs uncovered by fuzzing Rust code

Fuzz your Rust code with Google-developed Honggfuzz !

CLI to integrate continuous fuzzing with Fuzzit

UAFuzz: Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities

Constraint solver based on coverage-guided fuzzing

Rapid is a Go library for property-based testing that supports state machine ("stateful" or "model-based") testing and fully automatic test case minimization ("shrinking")

Rockyou for web fuzzing

A list of useful payloads for Web Application Security and Pentest/CTF

A fuzzer for full VM kernel/driver targets

gramfuzz is a grammar-based fuzzer that lets one define complex grammars to generate text and binary data formats.

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

coverage guided fuzz testing for java

Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)

AFL-based fuzz testing for .NET

Academic papers and articles that I read related to web hacking, fuzzing, etc. / 阅读过的Web安全方向、模糊测试方向的一些论文与阅读笔记

Simple script for generating Malformed QRCodes.

vfuzz

Property based testing framework for JavaScript (like QuickCheck) written in TypeScript

coverage guided fuzz testing for python

A high performance offensive security tool for reconnaissance and vulnerability scanning

Seeding fuzzers with symbolic execution

Domain-Specific Fuzzing with Waypoints

An open source fuzzing framework for fun.

Fuzzinator Random Testing Framework

ANTLR v4 grammar-based test generator

Fuzzing and Data Manipulation Framework (for GNU/Linux)

Custom memory allocator that helps discover reads from uninitialized memory

Canadian Furious Beaver is a tool for hijacking IRPs handler in Windows drivers, and facilitating the process of analyzing Windows drivers for vulnerabilities

Resources About Fuzzing, For Multiple Platforms And All Popular Fuzzers. 500+ Open Source Tools Sorted By Star Count, 800+ Blog Posts Sorted By Publish Time.

Janus: a state-of-the-art file system fuzzer on Linux

A fork of AFL for fuzzing Windows binaries

A user-friendly fuzzing and crash triage tool for Windows

Reflective testing.

Randomly mutate JSON, XML, HTML forms, text and binary data for fuzz testing

The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!

REST API Fuzz Testing (RAFT): Source code for self-hosted service developed for Azure, including the API, orchestration engine, and default set of security tools (including MSR's RESTler), that enables developers to embed security tooling into their CI/CD workflows

FormatFuzzer is a framework for high-efficiency, high-quality generation and parsing of binary inputs.

The Art, Science, and Engineering of Fuzzing: A Survey

HTML5 WebSocket message fuzzer

A fast SAT solver

wooyun public information backup

Bugs are inevitable. Suffering is optional.

This is the full file system fuzzing framework that I presented at the Hack in the Box 2020 Lockdown Edition conference in April.

A collection of various awesome lists for hackers, pentesters and security researchers

A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.

😎 Curated list about cryptocurrency security (reverse / exploit / fuzz..)

A container repository for my public web hacks!

A Linux Kernel Module that implements a fast snapshot mechanism for fuzzing.

A fuzzing library in JavaScript. ✨

Hacking tools

Command line tool for testing CRLF injection on a list of domains.

Towards Large-Scale Emulation of IoT Firmware for Dynamic Analysis

DOM fuzzer