Awesome Fuzzing / Books |
| Fuzzing-101 | 3,222 | 6 months ago | |
| The Fuzzing Book | | | (2019) |
| The Art, Science, and Engineering of Fuzzing: A Survey | | | (2019) -
Actually, this document is a paper, but it contains more important and essential content than any other book |
| Fuzzing for Software Security Testing and Quality Assurance, 2nd Edition | | | (2018) |
| Fuzzing: Brute Force Vulnerability Discovery, 1st Edition | | | (2007) |
| Open Source Fuzzing Tools, 1st Edition | | | (2007) |
Awesome Fuzzing / Talks |
| Fuzzing Labs - Patrick Ventuzelo | | | , Youtube |
| Effective File Format Fuzzing | | | , Black Hat Europe 2016 |
| Adventures in Fuzzing | | | , NYU Talk 2018 |
| Fuzzing with AFL | | | , NDC Conferences 2018 |
Awesome Fuzzing / Papers / The Network and Distributed System Security Symposium (NDSS) |
| Semantic-Informed Driver Fuzzing Without Both the Hardware Devices and the Emulators, 2022 | | | |
| MobFuzz: Adaptive Multi-objective Optimization in Gray-box Fuzzing, 2022 | | | |
| Context-Sensitive and Directional Concurrency Fuzzing for Data-Race Detection, 2022 | | | |
| EMS: History-Driven Mutation for Coverage-based Fuzzing, 2022 | | | |
| WINNIE : Fuzzing Windows Applications with Harness Synthesis and Fast Cloning, 2021 | | | |
| Reinforcement Learning-based Hierarchical Seed Scheduling for Greybox Fuzzing, 2021 | | | |
| PGFUZZ: Policy-Guided Fuzzing for Robotic Vehicles, 2021 | | | |
| Favocado: Fuzzing Binding Code of JavaScript Engines Using Semantically Correct Test Cases, 2021 | | | |
| HFL: Hybrid Fuzzing on the Linux Kernel, 2020 | | | |
| HotFuzz: Discovering Algorithmic Denial-of-Service Vulnerabilities Through Guided Micro-Fuzzing, 2020 | | | |
| HYPER-CUBE: High-Dimensional Hypervisor Fuzzing, 2020 | | | |
| Not All Coverage Measurements Are Equal: Fuzzing by Coverage Accounting for Input Prioritization, 2020 | | | |
| CodeAlchemist: Semantics-Aware Code Generation to Find Vulnerabilities in JavaScript Engines, 2019 | | | |
| PeriScope: An Effective Probing and Fuzzing Framework for the Hardware-OS Boundary, 2019 | | | |
| REDQUEEN: Fuzzing with Input-to-State Correspondence, 2019 | | | |
| Send Hardest Problems My Way: Probabilistic Path Prioritization for Hybrid Fuzzing, 2019 | | | |
| Life after Speech Recognition: Fuzzing Semantic Misinterpretation for Voice Assistant Applications, 2019 | | | |
| INSTRIM: Lightweight Instrumentation for Coverage-guided Fuzzing, 2018 | | | |
| IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing, 2018 | | | |
| What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices, 2018 | | | |
| Enhancing Memory Error Detection for Large-Scale Applications and Fuzz Testing, 2018 | | | |
| Vuzzer: Application-aware evolutionary fuzzing, 2017 | | | |
| DELTA: A Security Assessment Framework for Software-Defined Networks, 2017 | | | |
| Driller: Augmenting Fuzzing Through Selective Symbolic Execution, 2016 | | | |
| Automated Whitebox Fuzz Testing, 2008 | | | |
Awesome Fuzzing / Papers / IEEE Symposium on Security and Privacy (IEEE S&P) |
| PATA: Fuzzing with Path Aware Taint Analysis, 2022 | | | |
| Jigsaw: Efficient and Scalable Path Constraints Fuzzing, 2022 | | | |
| FuzzUSB: Hybrid Stateful Fuzzing of USB Gadget Stacks, 2022 | 34 | over 2 years ago | |
| Effective Seed Scheduling for Fuzzing with Graph Centrality Analysis, 2022 | | | |
| BEACON : Directed Grey-Box Fuzzing with Provable Path Pruning, 2022 | | | |
| STOCHFUZZ: Sound and Cost-effective Fuzzing of Stripped Binaries by Incremental and Stochastic Rewriting, 2021 | | | |
| One Engine to Fuzz 'em All: Generic Language Processor Testing with Semantic Validation, 2021 | | | |
| NTFUZZ: Enabling Type-Aware Kernel Fuzzing on Windows with Static Binary Analysis, 2021 | | | |
| DIFUZZRTL: Differential Fuzz Testing to Find CPU Bugs, 2021 | | | |
| DIANE: Identifying Fuzzing Triggers in Apps to Generate Under-constrained Inputs for IoT Devices, 2021 | | | |
| Fuzzing JavaScript Engines with Aspect-preserving Mutation, 2020 | | | |
| IJON: Exploring Deep State Spaces via Fuzzing, 2020 | | | |
| Krace: Data Race Fuzzing for Kernel File Systems, 2020 | | | |
| Pangolin:Incremental Hybrid Fuzzing with Polyhedral Path Abstraction, 2020 | | | |
| RetroWrite: Statically Instrumenting COTS Binaries for Fuzzing and Sanitization, 2020 | | | |
| Full-speed Fuzzing: Reducing Fuzzing Overhead through Coverage-guided Tracing, 2019 | | | |
| Fuzzing File Systems via Two-Dimensional Input Space Exploration, 2019 | | | |
| NEUZZ: Efficient Fuzzing with Neural Program Smoothing, 2019 | | | |
| Razzer: Finding Kernel Race Bugs through Fuzzing, 2019 | | | |
| Angora: Efficient Fuzzing by Principled Search, 2018 | | | |
| CollAFL: Path Sensitive Fuzzing, 2018 | | | |
| T-Fuzz: fuzzing by program transformation, 2018 | | | |
| Skyfire: Data-Driven Seed Generation for Fuzzing, 2017 | | | |
| Program-Adaptive Mutational Fuzzing, 2015 | | | |
| TaintScope: A checksum-aware directed fuzzing tool for automatic software vulnerability detection, 2010 | | | |
Awesome Fuzzing / Papers / USENIX Security |
| StateFuzz: System Call-Based State-Aware Linux Driver Fuzzing, 2022 | | | |
| FIXREVERTER: A Realistic Bug Injection Methodology for Benchmarking Fuzz Testing, 2022 | | | |
| SGXFuzz: Efficiently Synthesizing Nested Structures for SGX Enclave Fuzzing, 2022 | | | |
| AmpFuzz: Fuzzing for Amplification DDoS Vulnerabilities, 2022 | | | |
| Stateful Greybox Fuzzing, 2022 | | | |
| BrakTooth: Causing Havoc on Bluetooth Link Manager via Directed Fuzzing, 2022 | | | |
| Fuzzing Hardware Like Software, 2022 | | | |
| Drifuzz: Harvesting Bugs in Device Drivers from Golden Seeds, 2022 | | | |
| FuzzOrigin: Detecting UXSS vulnerabilities in Browsers through Origin Fuzzing, 2022 | | | |
| TheHuzz: Instruction Fuzzing of Processors Using Golden-Reference Models for Finding Software-Exploitable Vulnerabilities, 2022 | | | |
| MundoFuzz: Hypervisor Fuzzing with Statistical Coverage Testing and Grammar Inference, 2022 | | | |
| Fuzzware: Using Precise MMIO Modeling for Effective Firmware Fuzzing, 2022 | | | |
| SyzScope: Revealing High-Risk Security Impacts of Fuzzer-Exposed Bugs in Linux kernel, 2022 | | | |
| Morphuzz: Bending (Input) Space to Fuzz Virtual Devices, 2022 | | | |
| Breaking Through Binaries: Compiler-quality Instrumentation for Better Binary-only Fuzzing, 2021 | | | |
| ICSFuzz: Manipulating I/Os and Repurposing Binary Code to Enable Instrumented Fuzzing in ICS Control Applications, 2021 | | | |
| Android SmartTVs Vulnerability Discovery via Log-Guided Fuzzing, 2021 | | | |
| Constraint-guided Directed Greybox Fuzzing, 2021 | | | |
| Nyx: Greybox Hypervisor Fuzzing using Fast Snapshots and Affine Types, 2021 | | | |
| UNIFUZZ: A Holistic and Pragmatic Metrics-Driven Platform for Evaluating Fuzzers, 2021 | | | |
| FANS: Fuzzing Android Native System Services via Automated Interface Analysis, 2020 | | | |
| Analysis of DTLS Implementations Using Protocol State Fuzzing, 2020 | | | |
| EcoFuzz: Adaptive Energy-Saving Greybox Fuzzing as a Variant of the Adversarial Multi-Armed Bandit, 2020 | | | |
| Fuzzing Error Handling Code using Context-Sensitive Software Fault Injection, 2020 | | | |
| FuzzGen: Automatic Fuzzer Generation, 2020 | | | |
| ParmeSan: Sanitizer-guided Greybox Fuzzing, 2020 | | | |
| SpecFuzz: Bringing Spectre-type vulnerabilities to the surface, 2020 | | | |
| FuzzGuard: Filtering out Unreachable Inputs in Directed Grey-box Fuzzing through Deep Learning, 2020 | | | |
| Montage: A Neural Network Language Model-Guided JavaScript Engine Fuzzer, 2020 | | | |
| GREYONE: Data Flow Sensitive Fuzzing, 2020 | | | |
| Fuzzification: Anti-Fuzzing Techniques, 2019 | | | |
| AntiFuzz: Impeding Fuzzing Audits of Binary Executables, 2019 | | | |
| Charm: Facilitating Dynamic Analysis of Device Drivers of Mobile Systems, 2018 | | | |
| MoonShine: Optimizing OS Fuzzer Seed Selection with Trace Distillation, 2018 | | | |
| QSYM : A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing, 2018 | | | |
| OSS-Fuzz - Google's continuous fuzzing service for open source software, 2017 | | | |
| kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels, 2017 | | | |
| Protocol State Fuzzing of TLS Implementations, 2015 | | | |
| Optimizing Seed Selection for Fuzzing, 2014 | | | |
| Dowsing for overflows: a guided fuzzer to find buffer boundary violations, 2013 | | | |
| Fuzzing with Code Fragments, 2012 | | | |
Awesome Fuzzing / Papers / ACM Conference on Computer and Communications Security (ACM CCS) |
| Fuzz on the Beach: Fuzzing Solana Smart Contracts, 2023 | | | |
| NestFuzz: Enhancing Fuzzing with Comprehensive Understanding of Input Processing Logic, 2023 | | | |
| Profile-Driven System Optimizations for Accelerated Greybox Fuzzing, 2023 | | | |
| Hopper: Interpretative Fuzzing for Libraries, 2023 | | | |
| Greybox Fuzzing of Distributed Systems, 2023 | | | |
| SpecDoctor: Differential Fuzz Testing to Find Transient Execution Vulnerabilities, 2022 | | | |
| SFuzz: Slice-based Fuzzing for Real-Time Operating Systems, 2022 | | | |
| MC^2: Rigorous and Efficient Directed Greybox Fuzzing, 2022 | | | |
| LibAFL: A Framework to Build Modular and Reusable Fuzzers, 2022 | | | |
| JIT-Picking: Differential Fuzzing of JavaScript Engines, 2022 | | | |
| DriveFuzz: Discovering Autonomous Driving Bugs through Driving Quality-Guided Fuzzing, 2022 | | | |
| SoFi: Reflection-Augmented Fuzzing for JavaScript Engines, 2021 | | | |
| T-Reqs: HTTP Request Smuggling with Differential Fuzzing, 2021 | | | |
| V-SHUTTLE: Scalable and Semantics-Aware Hypervisor Fuzzing, 2021 | | | |
| Same Coverage, Less Bloat: Accelerating Binary-only Fuzzing with Coverage-preserving Coverage-guided Tracing, 2021 | | | |
| HyperFuzzer: An Efficient Hybrid Fuzzer For Virtual CPUs, 2021 | | | |
| Regression Greybox Fuzzing, 2021 | | | |
| Hardware Support to Improve Fuzzing Performance and Precision, 2021 | | | |
| SNIPUZZ: Black-box Fuzzing of IoT Firmware via Message Snippet Inference, 2021 | | | |
| FREEDOM: Engineering a State-of-the-Art DOM Fuzzer, 2020 | | | |
| Intriguer: Field-Level Constraint Solving for Hybrid Fuzzing, 2019 | | | |
| Learning to Fuzz from Symbolic Execution with Application to Smart Contracts, 2019 | | | |
| Matryoshka: fuzzing deeply nested branches, 2019 | | | |
| Evaluating Fuzz Testing, 2018 | | | |
| Hawkeye: Towards a Desired Directed Grey-box Fuzzer, 2018 | | | |
| IMF: Inferred Model-based Fuzzer, 2017 | | | |
| SemFuzz: Semantics-based Automatic Generation of Proof-of-Concept Exploits, 2017 | | | |
| AFL-based Fuzzing for Java with Kelinci, 2017 | | | |
| Designing New Operating Primitives to Improve Fuzzing Performance, 2017 | | | |
| Directed Greybox Fuzzing, 2017 | | | |
| SlowFuzz: Automated Domain-Independent Detection of Algorithmic Complexity Vulnerabilities, 2017 | | | |
| DIFUZE: Interface Aware Fuzzing for Kernel Drivers, 2017 | | | |
| Systematic Fuzzing and Testing of TLS Libraries, 2016 | | | |
| Coverage-based Greybox Fuzzing as Markov Chain, 2016 | | | |
| eFuzz: A Fuzzer for DLMS/COSEM Electricity Meters, 2016 | | | |
| Scheduling Black-box Mutational Fuzzing, 2013 | | | |
| Taming compiler fuzzers, 2013 | | | |
| SAGE: whitebox fuzzing for security testing, 2012 | | | |
| Grammar-based whitebox fuzzing, 2008 | | | |
| Taint-based directed whitebox fuzzing, 2009 | | | |
Awesome Fuzzing / Papers / ArXiv (Fuzzing with Artificial Intelligence & Machine Learning) |
| MEUZZ: Smart Seed Scheduling for Hybrid Fuzzing, 2020 | | | |
| A Review of Machine Learning Applications in Fuzzing, 2019 | | | |
| Evolutionary Fuzzing of Android OS Vendor System Services, 2019 | | | |
| MoonLight: Effective Fuzzing with Near-Optimal Corpus Distillation, 2019 | | | |
| Coverage-Guided Fuzzing for Deep Neural Networks, 2018 | | | |
| DLFuzz: Differential Fuzzing Testing of Deep Learning Systems, 2018 | | | |
| TensorFuzz: Debugging Neural Networks with Coverage-Guided Fuzzing, 2018 | | | |
| NEUZZ: Efficient Fuzzing with Neural Program Learning, 2018 | | | |
| EnFuzz: From Ensemble Learning to Ensemble Fuzzing, 2018 | | | |
| REST-ler: Automatic Intelligent REST API Fuzzing, 2018 | | | |
| Deep Reinforcement Fuzzing, 2018 | | | |
| Not all bytes are equal: Neural byte sieve for fuzzing, 2017 | | | |
| Faster Fuzzing: Reinitialization with Deep Neural Models, 2017 | | | |
| Learn&Fuzz: Machine Learning for Input Fuzzing, 2017 | | | |
| Complementing Model Learning with Mutation-Based Fuzzing, 2016 | | | |
Awesome Fuzzing / Papers / The others |
| Fuzzle: Making a Puzzle for Fuzzers, 2022 | | | |
| Ifuzzer: An evolutionary interpreter fuzzer using genetic programming, 2016 | | | |
| Hybrid fuzz testing: Discovering software bugs via fuzzing and symbolic execution, 2012 | | | |
| Call-Flow Aware API Fuzz Testing for Security of Windows Systems, 2008 | | | |
| Feedback-directed random test generation, 2007 | | | |
| MTF-Storm:a high performance fuzzer for Modbus/TCP, 2018 | | | |
| A Modbus/TCP Fuzzer for testing internetworked industrial systems, 2015 | | | |
| |
| AFL++ | 5,202 | 6 days ago | AFL++ is a superior fork to Google's AFL - more speed, more and better mutations, more and better instrumentation, custom module support, etc |
| Angora | 925 | over 2 years ago | Angora is a mutation-based coverage guided fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution |
| |
| IvySyn | | | IvySyn is a fully-automated framework for discovering memory error vulnerabilities in Deep Learning (DL) frameworks |
| MINER | 37 | over 1 year ago | MINER is a REST API fuzzer that utilizes three data-driven designs working together to guide the sequence generation, improve the request generation quality, and capture the unique errors caused by incorrect parameter usage |
| RestTestGen | 38 | 8 months ago | RestTestGen is a robust tool and framework designed for automated black-box testing of RESTful web APIs |
| GraphFuzz | 9 | over 2 years ago | GraphFuzz is an experimental framework for building structure-aware, library API fuzzers |
| Minerva | 31 | 9 months ago | Minerva is a browser fuzzer augmented by API mod-ref relations, aiming to synthesize highly-relevant browser API invocations in each test case |
| FANS | 242 | about 4 years ago | FANS is a fuzzing tool for fuzzing Android native system services. It contains four components: interface collector, interface model extractor, dependency inferer, and fuzzer engine |
| |
| DifuzzRTL | 74 | 6 months ago | DifuzzRTL is a differential fuzz testing approach for CPU verification |
| MorFuzz | 23 | 11 months ago | MorFuzz is a generic RISC-V processor fuzzing framework that can efficiently detect software triggerable functional bugs |
| SpecFuzz | 30 | almost 5 years ago | SpecFuzz is a tool to enable fuzzing for Spectre vulnerabilities |
| Transynther | 18 | over 4 years ago | Transynther automatically generates and tests building blocks for Meltdown attacks with various faults and microcode assists |
| |
| TEFuzz | 15 | over 1 year ago | TEFuzz is a tailored fuzzing-based framework to facilitate the detection and exploitation of template escape bugs |
| Witcher | 77 | 12 months ago | Witcher is a web application fuzzer that utilizes mutational fuzzing to explore web applications and fault escalation to detect command and SQL injection vulnerabilities |
| CorbFuzz | 3 | about 3 years ago | CorbFuzz is a state-aware fuzzer for generating as much reponses from a web application as possible without need of setting up database, etc |
| |
| Fluffy | 54 | over 3 years ago | Fluffy is a multi-transaction differential fuzzer for finding consensus bugs in Ethereum |
| LOKI | 11 | over 1 year ago | LOKI is a blockchain consensus protocol fuzzing framework that detects the consensus memory related and logic bugs |
| |
| Squirrel | 185 | almost 2 years ago | Squirrel is a fuzzer for database managment systems (DBMSs) |
awesome-fuzzing 
sindresorhus/awesome
jnv/lists
0ex/more-awesome
hexsecs/awesome-embedded-security
openhwgroup/cvw
pieter3d/simview
yosyshq/oss-cad-suite-build
dvyukov/go-fuzz