393 Open source projects that are alternatives of or similar to Oss Fuzz

Scalable fuzzing infrastructure.

ClusterFuzzLite - Simple continuous fuzzing that runs in CI.

🤖 Repeat tests. Repeat tests. Repeat tests.

Recent Fuzzing Paper

🐇 Fuzzing Rust code with American Fuzzy Lop

🎯 A collection of fuzzing targets written in Rust.

Custom memory allocator that helps discover reads from uninitialized memory

An analysis tool for Python that blurs the line between testing and type systems.

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

coverage guided fuzz testing for python

🏆 Collection of bugs uncovered by fuzzing Rust code

coverage guided fuzz testing for javascript

coverage guided fuzz testing for java

CLI to integrate continuous fuzzing with Fuzzit

Go Fuzzit Example

Fuzz testing for jest

Command line helpers for fuzzing

📖 Guides and tutorials on how to fuzz Rust code

A curated list of awesome Fuzzing(or Fuzz Testing) for software security

A cross-platform browser fuzzing framework

The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!

Randomly mutate JSON, XML, HTML forms, text and binary data for fuzz testing

Fuzz your Rust code with Google-developed Honggfuzz !

AFL-based fuzz testing for .NET

This is a repo is to upload files done during my research.

OpenType font file format fuzzer for Windows

Fuzzing Unification Framework

A curated list of awesome directed fuzzing research papers

A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.

BurpSuite收集：包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程，欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar

This project contains the source code for the CERT Basic Fuzzing Framework (BFF) and the CERT Failure Observation Engine (FOE).

Web Pentesting Fuzz 字典,一个就够了。

syzkaller is an unsupervised coverage-guided kernel fuzzer

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

🦄 A curated list of the awesome resources about the Vulnerability Research

Code for the USENIX 2017 paper: kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Dawn is a static analysis security scanner for ruby written web applications. It supports Sinatra, Padrino and Ruby on Rails frameworks.

WPScan rewritten in Python + some WPSeku ideas

QSYM: A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing

kernel privilege escalation enumeration and exploitation framework

A testing framework for automatically finding and simplifying bugs in graphics shader compilers.

Zip Slip Vulnerability (Arbitrary file write through archive extraction)

A static analysis security vulnerability scanner for Ruby on Rails applications

Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read

FuzzBench - Fuzzer benchmarking as a service.

Pentest Report Generator

This experimetal fuzzer is meant to be used for API in-memory fuzzing.

A unit test-like interface for fuzzing and symbolic execution

Generation-based, context-free grammar fuzzer.

A vulnerable version of Rails that follows the OWASP Top 10

DARPA Challenges Sets for Linux, Windows, and macOS

hacker, ready for more of our story ! 🚀

Kubernetes security notes and best practices

Randomized testing for Go

Security advisory database for Rust crates published through crates.io

A fast, parallel test case minimization tool.

Exercises to learn how to fuzz with American Fuzzy Lop

Proof of Concept of ESP32/8266 Wi-Fi vulnerabilties (CVE-2019-12586, CVE-2019-12587, CVE-2019-12588)

Netzob: Protocol Reverse Engineering, Modeling and Fuzzing