Top 239 fuzzing open source projects

渗透测试人员专用精简化字典 Dictionary for penetration testers happy hacker

Grinder is a system to automate the fuzzing of web browsers and the management of a large number of crashes.

Utilities for automated crash sample processing/analysis, easy afl-fuzz job management and corpus optimization

Fuzzing resources for feeding various fuzzers with input. 🔧

A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.

Fuzzing framework written in python

swiss army knife for hackers

PyJFuzz - Python JSON Fuzzer

Produce code coverage results with gcov from afl-fuzz test cases

syzkaller is an unsupervised coverage-guided kernel fuzzer

WinAppDbg Debugger

JQF + Zest: Coverage-guided semantic fuzzing for Java.

Web Pentesting Fuzz 字典,一个就够了。

A friendly car security exploration tool for the CAN bus

Protocol Learning and Stateful Fuzzing

Fuzzer for Linux Kernel Drivers

Infosec Wordlists

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

Fuzzing cryptographic libraries. Magic bug printer go brrrr.

Fuzzing Browsers

A few SQL and XSS attack tools

ProFuzzBench - A Benchmark for Stateful Protocol Fuzzing

Thin interface for libFuzzer, an in-process, coverage-guided, evolutionary fuzzing engine.

Compress long exception traces down to short signatures

Python based tool for testing whether your API conforms to its Swagger schema

Collection of LLVM passes and triage tools for use with the KRF fuzzer

ClusterFuzzLite - Simple continuous fuzzing that runs in CI.

No description or website provided.

Software Papers as Software Modules: Towards a Culture of Reusable Results

Get actually nice HTML coverage overview on libfuzzer runs

Some VxWorks fuzzing examples using Cisco-Kitty and WDBDbg framework

📚 An ultimate collection wordlists of the best-known CMS

Easy fuzzing with go-fuzz

🐰 Tool set for fuzz and stress testing your functions!

Binary code-coverage fuzzer for macOS, based on libFuzzer and LLVM

Summary of online learning materials

My fuzzing corpus

Tough Fuzzer is an obstacle course for go-fuzz composed of a series of small code samples which encapsulate the most common obstacles to code-coverage the fuzzer will encounter. In each case, the obstacle is insurmountable in a reasonable period of time using random inputs or even coverage-guided mutation.

Corpus of crypto formats

Fuzzing tool written in Golang. Insane monkey not included.

source code audit tool

A set of tools for fuzzing SecureROM. Managed to find and trigger checkm8.

Python bindings for calling radamsa mutators

go-sqlancer

Research papers on ML for security

Curated list of classic fuzzing books, papers about fuzzing at information security top conferences over the years, commonly used fuzzing tools, and resources that can help us use fuzzer easily.

Super Fast Concolic Execution Engine based on Source Code Taint Tracing

FuSeBMC is a novel Energy-Efficient Test Generator that exploits fuzzing and BMC engines to detect security vulnerabilities in real-world C programs.

Kernel fuzzer inspired by Syzkaller.

Fuzzing Unification Framework

A collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.

The x86 processor fuzzer

Extension library for the Kitty fuzzing framework

Customizable TCP fuzzing tool to test for remote buffer overflows.

Network and USB protocol fuzzing toolkit.

Automatic Exploit Generation Paper

Interactive CLI Web Crawler

A distributed fuzzing management framework

A multi-purpose extensible self-adaptive evolutionary tool