240 Open source projects that are alternatives of or similar to fuzzing

HTTP fuzzer engine security oriented

My Material for the HITB presentation

FuSeBMC is a novel Energy-Efficient Test Generator that exploits fuzzing and BMC engines to detect security vulnerabilities in real-world C programs.

BSOD: Binary-only Scalable fuzzing Of device Drivers

A simple program reducer for any language.

This repository contains the tools we used in our research on the Google Titan M chip

Rust语言安全相关分析

Extract endpoints marked as disallow in robots files to generate wordlists.

StateAFL: A Greybox Fuzzer for Stateful Network Servers

Fuzzing Unification Framework

RAS(RAndom Subdomain) Fuzzer

Find exploitable PHP files by parameter fuzzing and function call tracing

Dockerfile for AFL++ and helpful other tools

My fuzzing corpus

Companion repository to the Fuzzing101 with LibAFL series of blog posts.

Fuzz testing for jest

Small but effective wordlist for brute-forcing and discovering hidden things.

The x86 processor fuzzer

MediaTek Fuzzing Workshop in HITCON 2021

Advanced Fuzzing Library - Slot your Fuzzer together in Rust! Scales across cores and machines. For Windows, Android, MacOS, Linux, no_std, ...

A set of tools for fuzzing SecureROM. Managed to find and trigger checkm8.

Android application fuzzing framework with fuzzers and crash monitor.

AFL binary instrumentation

QASan is a custom QEMU 3.1.1 that detects memory errors in the guest using AddressSanitizer.

Customizable TCP fuzzing tool to test for remote buffer overflows.

This project contains the source code for the CERT Basic Fuzzing Framework (BFF) and the CERT Failure Observation Engine (FOE).

Automatic function exporting and linking for fuzzing cross-architecture binaries.

Fuzzing and Data Manipulation Framework (for GNU/Linux)

Binary code-coverage fuzzer for macOS, based on libFuzzer and LLVM

Fuzz your Rust code with Google-developed Honggfuzz !

AFL "mostly" ported to cygwin

UAFuzz: Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities

Automatic Exploit Generation Paper

Rapid is a Go library for property-based testing that supports state machine ("stateful" or "model-based") testing and fully automatic test case minimization ("shrinking")

OpenType font file format fuzzer for Windows

A list of useful payloads for Web Application Security and Pentest/CTF

go-sqlancer

gramfuzz is a grammar-based fuzzer that lets one define complex grammars to generate text and binary data formats.

yet another dirbuster

coverage guided fuzz testing for java

A distributed fuzzing management framework

AFL-based fuzz testing for .NET

This is a repo is to upload files done during my research.

Simple script for generating Malformed QRCodes.

Corpus of crypto formats

Property based testing framework for JavaScript (like QuickCheck) written in TypeScript

A fast SAT solver

A high performance offensive security tool for reconnaissance and vulnerability scanning

RVT is a collection of tools/libraries to support both static and dynamic verification of Rust programs.

Domain-Specific Fuzzing with Waypoints

Network based protocol fuzzer

🎯 A collection of fuzzing targets written in Rust.

Fuzzinator Random Testing Framework

Curated list of classic fuzzing books, papers about fuzzing at information security top conferences over the years, commonly used fuzzing tools, and resources that can help us use fuzzer easily.

FirmWire is a full-system baseband firmware emulation platform for fuzzing, debugging, and root-cause analysis of smartphone baseband firmwares

X41 Smartcard Fuzzer

Summary of online learning materials

Fuzzing tool written in Golang. Insane monkey not included.

Super Fast Concolic Execution Engine based on Source Code Taint Tracing

Fragscapy is a command-line tool to fuzz network protocols by automating the modification of outgoing network packets. It can run multiple successive tests to determine which options can be used to evade firewalls and IDS.