Project Awesome project awesome

Fuzzing

Automated software testing technique that involves feeding pseudo-randomly generated input data.

Collection 964 stars GitHub

Contents

Books
Papers
Tools

Books

Papers

PGFUZZ: Policy-Guided Fuzzing for Robotic Vehicles, 2021

https://beerkay.github.io/papers/Berkay2021PGFuzzNDSS.pdf

Enhancing Memory Error Detection for Large-Scale Applications and Fuzz Testing, 2018

https://lifeasageek.github.io/papers/han:meds.pdf

kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels, 2017 12.0k updated 1mo ago
HFL: Hybrid Fuzzing on the Linux Kernel, 2020

https://www.unexploitable.systems/publication/kimhfl/

HYPER-CUBE: High-Dimensional Hypervisor Fuzzing, 2020

https://www.syssec.ruhr-uni-bochum.de/media/emma/veroeffentlichungen/2020/02/07/Hyper-Cube-NDSS20.pdf

Hawkeye: Towards a Desired Directed Grey-box Fuzzer, 2018

https://chenbihuan.github.io/paper/ccs18-chen-hawkeye.pdf

SAGE: whitebox fuzzing for security testing, 2012

https://dl.acm.org/citation.cfm?id=2094081

Taint-based directed whitebox fuzzing, 2009

https://dl.acm.org/citation.cfm?id=1555061

Grammar-based whitebox fuzzing, 2008

https://dl.acm.org/citation.cfm?id=1375607

2022 (5 papers)

FuzzUSB: Hybrid Stateful Fuzzing of USB Gadget Stacks, 2022 37 updated 4y ago

https://github.com/purseclab/fuzzusb/blob/main/paper/fuzzusb.pdf

USENIX Security

kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels, 2017

Hardware-Assisted Feedback Fuzzing for OS Kernels, 2017

ACM Conference on Computer and Communications Security (ACM CCS)

HyperFuzzer: An Efficient Hybrid Fuzzer For Virtual CPUs, 2021

https://www.microsoft.com/en-us/research/uploads/prod/2021/09/hyperfuzzer-ccs21.pdf

ArXiv (Fuzzing with Artificial Intelligence & Machine Learning)

Complementing Model Learning with Mutation-Based Fuzzing, 2016
MEUZZ: Smart Seed Scheduling for Hybrid Fuzzing, 2020
A Review of Machine Learning Applications in Fuzzing, 2019
Evolutionary Fuzzing of Android OS Vendor System Services, 2019
MoonLight: Effective Fuzzing with Near-Optimal Corpus Distillation, 2019
TensorFuzz: Debugging Neural Networks with Coverage-Guided Fuzzing, 2018
DLFuzz: Differential Fuzzing Testing of Deep Learning Systems, 2018
NEUZZ: Efficient Fuzzing with Neural Program Learning, 2018
EnFuzz: From Ensemble Learning to Ensemble Fuzzing, 2018 67 updated 6y ago
REST-ler: Automatic Intelligent REST API Fuzzing, 2018
Deep Reinforcement Fuzzing, 2018
Not all bytes are equal: Neural byte sieve for fuzzing, 2017
Faster Fuzzing: Reinitialization with Deep Neural Models, 2017
Learn&Fuzz: Machine Learning for Input Fuzzing, 2017
Complementing Model Learning with Mutation-Based Fuzzing, 2016

The Network and Distributed System Security Symposium (NDSS)

WINNIE : Fuzzing Windows Applications with Harness Synthesis and Fast Cloning, 2021

2021

WINNIE : Fuzzing Windows Applications with Harness Synthesis and Fast Cloning, 2021

https://taesoo.kim/pubs/2021/jung:winnie.pdf

2018 (2 papers)

Hawkeye: Towards a Desired Directed Grey-box Fuzzer

https://chenbihuan.github.io/paper/ccs18-chen-hawkeye.pdf

2021 (8 papers)

HyperFuzzer: An Efficient Hybrid Fuzzer For Virtual CPUs

https://www.microsoft.com/en-us/research/uploads/prod/2021/09/hyperfuzzer-ccs21.pdf

Hardware Support to Improve Fuzzing Performance and Precision

https://gts3.org/assets/papers/2021/ding:snap.pdf

2017 (7 papers)

DIFUZE: Interface Aware Fuzzing for Kernel Drivers

https://acmccs.github.io/papers/p2123-corinaA.pdf

2016 (3 papers)

Systematic Fuzzing and Testing of TLS Libraries

https://www.nds.rub.de/media/nds/veroeffentlichungen/2016/10/19/tls-attacker-ccs16.pdf

eFuzz: A Fuzzer for DLMS/COSEM Electricity Meters

http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.817.5616&rep=rep1&type=pdf

Tools

File

AFL++ 6.4k updated 1mo ago

A superior fork to Google's AFL with more speed, more and better mutations, more and better instrumentation, and custom module support.

Angora 955 updated 3y ago

A mutation-based coverage guided fuzzer that increases branch coverage by solving path constraints without symbolic execution.

API

MINER 43 updated 3y ago

A REST API fuzzer that utilizes three data-driven designs working together to guide sequence generation, improve request generation quality, and capture unique errors caused by incorrect parameter usage.

RestTestGen 62 updated 4mo ago

A robust tool and framework designed for automated black-box testing of RESTful web APIs.

GraphFuzz 10 updated 4y ago

An experimental framework for building structure-aware, library API fuzzers.

Minerva 35 updated 2y ago

A browser fuzzer augmented by API mod-ref relations, aiming to synthesize highly-relevant browser API invocations in each test case.

FANS 265 updated 5y ago

FANS is a fuzzing tool for fuzzing Android native system services. It contains four components: interface collector, interface model extractor, dependency inferer, and fuzzer engine.

FANS

A fuzzing tool for Android native system services with four components: interface collector, interface model extractor, dependency inferer, and fuzzer engine.

CPU

DifuzzRTL

A differential fuzz testing approach for CPU verification.

MorFuzz 49 updated 1y ago

A generic RISC-V processor fuzzing framework that can efficiently detect software triggerable functional bugs.

SpecFuzz

A tool to enable fuzzing for Spectre vulnerabilities.

Transynther 19 updated 5y ago

Automatically generates and tests building blocks for Meltdown attacks with various faults and microcode assists.

Web

TEFuzz 17 updated 3y ago

A tailored fuzzing-based framework to facilitate the detection and exploitation of template escape bugs.

Witcher 104 updated 2y ago

A web application fuzzer that utilizes mutational fuzzing to explore web applications and fault escalation to detect command and SQL injection vulnerabilities.

CorbFuzz 5 updated 4y ago

A state-aware fuzzer for generating as many responses from a web application as possible without need of setting up a database.

Blockchain

Fluffy 62 updated 4y ago

A multi-transaction differential fuzzer for finding consensus bugs in Ethereum.

LOKI 20 updated 2y ago

A Blockchain consensus protocol fuzzing framework that detects consensus memory related and logic bugs.

DBMS

Squirrel 210 updated 3y ago

A fuzzer for database management systems (DBMSs).

Kernel

ACTOR

(2023) - An action-guided kernel fuzzing framework that generates inputs leveraging triggered actions and their temporal relationships.

NTFuzz

(2021) - A type-aware Windows kernel fuzzer that statically analyzes system binaries to infer system call types for more effective fuzzing.

KRACE

(2020) - A coverage-guided fuzzing framework that detects data races in kernel file systems by exploring concurrency through multi-threaded syscall sequences.

Razzer

(2019) - A kernel fuzzer that uses static analysis and two-phase fuzzing to detect race conditions and concurrency bugs in Linux kernels.

Hydra

(2019) - A fuzzing framework for automatically discovering semantic bugs in file systems using input mutators, feedback engines, and customizable checkers.

Janus

(2019) - A file system fuzzer that finds memory corruptions in Linux kernel file systems by mutating both filesystem images and syscall sequences simultaneously.

DIFUZE

(2017) - An interface-aware fuzzer for Linux kernel drivers that automatically recovers ioctl interfaces via LLVM analysis and generates targeted test cases.

IMF

(2017) - A kernel API fuzzer that leverages automated API model inference to discover vulnerabilities in macOS kernel APIs.

kAFL

(2017) - A hardware-assisted x86-64 VM kernel fuzzing framework with performant VM reloads for finding OS kernel vulnerabilities.

syzkaller

(2015) - An unsupervised coverage-guided kernel fuzzer supporting FreeBSD, Fuchsia, gVisor, Linux, NetBSD, OpenBSD, and Windows.

Trinity

(2012) - A Linux system call fuzzer that generates semi-intelligent random arguments to syscalls, including valid file descriptors, flags, and range-biased values.