GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → vanhauser-thc → libfuzzer-cov

vanhauser-thc / libfuzzer-cov

Licence: AGPL-3.0 License
Get actually nice HTML coverage overview on libfuzzer runs

Programming Languages

shell
77523 projects
C++
36643 projects - #6 most used programming language

Labels

coveragefuzzinglibfuzzer

Projects that are alternatives of or similar to libfuzzer-cov

ManuFuzzer
Binary code-coverage fuzzer for macOS, based on libFuzzer and LLVM
Stars: ✭ 118 (+490%)
Mutual labels:  fuzzing, libfuzzer
fuzzuf
Fuzzing Unification Framework
Stars: ✭ 263 (+1215%)
Mutual labels:  fuzzing, libfuzzer
Sloth
Sloth 🦥 is a coverage guided fuzzing framework for fuzzing Android Native libraries that makes use of libFuzzer and QEMU user-mode emulation
Stars: ✭ 91 (+355%)
Mutual labels:  fuzzing, libfuzzer
ML4Sec-papers
Research papers on ML for security
Stars: ✭ 27 (+35%)
Mutual labels:  fuzzing
pyradamsa
Python bindings for calling radamsa mutators
Stars: ✭ 16 (-20%)
Mutual labels:  fuzzing
fuzzing-corpus
My fuzzing corpus
Stars: ✭ 120 (+500%)
Mutual labels:  fuzzing
UltimateCMSWordlists
📚 An ultimate collection wordlists of the best-known CMS
Stars: ✭ 54 (+170%)
Mutual labels:  fuzzing
example-node-and-browser-qunit-ci
Example project with continuous integration for linting and cross-browser testing of isomorphic JavaScript.
Stars: ✭ 18 (-10%)
Mutual labels:  coverage
javacard-gradle-template
JavaCard project template for building CAP and running JCardSim with gradle + coverage
Stars: ✭ 27 (+35%)
Mutual labels:  coverage
crypto-corpus
Corpus of crypto formats
Stars: ✭ 12 (-40%)
Mutual labels:  fuzzing
fuzz-monkey
Fuzzing tool written in Golang. Insane monkey not included.
Stars: ✭ 13 (-35%)
Mutual labels:  fuzzing
instrumentation
Assorted pintools
Stars: ✭ 24 (+20%)
Mutual labels:  coverage
emmutaler
A set of tools for fuzzing SecureROM. Managed to find and trigger checkm8.
Stars: ✭ 126 (+530%)
Mutual labels:  fuzzing
security-study-tutorial
Summary of online learning materials
Stars: ✭ 73 (+265%)
Mutual labels:  fuzzing
go-sqlancer
go-sqlancer
Stars: ✭ 61 (+205%)
Mutual labels:  fuzzing
fuzzing
🐰 Tool set for fuzz and stress testing your functions!
Stars: ✭ 22 (+10%)
Mutual labels:  fuzzing
fuzzing-tutorial
Curated list of classic fuzzing books, papers about fuzzing at information security top conferences over the years, commonly used fuzzing tools, and resources that can help us use fuzzer easily.
Stars: ✭ 74 (+270%)
Mutual labels:  fuzzing
srcinv
source code audit tool
Stars: ✭ 45 (+125%)
Mutual labels:  fuzzing
toughfuzzer
Tough Fuzzer is an obstacle course for go-fuzz composed of a series of small code samples which encapsulate the most common obstacles to code-coverage the fuzzer will encounter. In each case, the obstacle is insurmountable in a reasonable period of time using random inputs or even coverage-guided mutation.
Stars: ✭ 18 (-10%)
Mutual labels:  fuzzing
VxFuzz
Some VxWorks fuzzing examples using Cisco-Kitty and WDBDbg framework
Stars: ✭ 16 (-20%)
Mutual labels:  fuzzing
View All Similar Projects ➔

coverage for libfuzzer

libfuzzer is good but checking the coverage the tools are not as advanced as what gcc has available.

hence these tools to have gcc coverage on libfuzzer fuzzing targets

NOTE: by default clang/clang++ is used. if you want to use gcc/g++ instead then specify the -g option in cov-build.sh and cov-generate.sh, and edit cov-compile.sh to use the g++ line instead.

how-to

step 1: build the target

build the target library for coverage with cov-build.sh. usually enough is a

$ cov-build.sh ./configure --disable-shared

step 2: build the coverage tool

same as the fuzz.cc harness to fuzz, we need to have a tool built to to get the coverage. this is easy:

Execute with your fuzzing harness: ./cov-compile.sh fuzz.cc .libs/libfoo.a -Iinclude -I. (Basically the same options you needed to compile your fuzzing harness.)

step 3: gather the coverage

simply run the cov-generate.sh script with the libfuzzer queue directory and the compiled cov binary (you must still be in the source top directory of the for coverage compiled target):

$ cov-generate.sh ../libTARGET/queue ./cov

step 4: view the coverage

open a webbrowser for ./report/index.html

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].