Courses & TutorialsSecurity & Cloud

Awesome Fuzzing – Massive Collection of Resources

Fuzzing or fuzz testing is an automated software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program. The program is then monitored for exceptions such as crashes, failing built-in code assertions, or potential memory leaks. Typically, fuzzers are used to test programs that take structured inputs.

A curated list of references to awesome Fuzzing for security testing. Additionally there is a collection of freely available academic papers, tools and so on.

Contents

Books

Talks

Papers

To achieve a well-defined scope, I have chosen to include publications on fuzzing in the last proceedings of 4
top major security conferences and others from Jan 2008 to Jul 2019.
It includes (i) Network and Distributed System Security Symposium (NDSS), (ii) IEEE Symposium on
Security and Privacy (S&P), (iii) USENIX Security Symposium (USEC), and (iv) ACM Conference on Computer and Communications Security (CCS).

The Network and Distributed System Security Symposium (NDSS)

IEEE Symposium on Security and Privacy (IEEE S&P)

USENIX Security

ACM Conference on Computer and Communications Security (ACM CCS)

ArXiv (Fuzzing with Artificial Intelligence & Machine Learning)

The others

Tools

Information about the various open source tools you can use to leverage fuzz testing.

General-purpose

  • radamsa – A general-purpose fuzzer.
  • zzuf – A transparent application input fuzzer.

Binary

  • American fuzzy lop – A security-oriented fuzzer that employs a novel type of compile-time instrumentation and genetic algorithms to automatically discover clean, interesting test cases that trigger new internal states in the targeted binary.
  • WinAFL – A fork of AFL for fuzzing Windows binaries.
  • libFuzzer – A library for coverage-guided fuzz testing. Tutorial from Google.
  • Driller – An implementation of the driller paper. This implementation was built on top of AFL with angr being used as a symbolic tracer.
  • shellphish fuzzer – A Python interface to AFL, allowing for easy injection of testcases and other functionality.
  • Eclipser – A binary-based fuzz testing tool that improves upon classic coverage-based fuzzing by leveraging a novel technique called grey-box concolic testing.

Web, JavaScript

  • jsfunfuzz – JavaScript engine fuzzers.
  • IFuzzer – An Evolutionary Interpreter Fuzzer Using Genetic Programming.
  • domato – DOM fuzzer from Google Project Zero. Blog Post.
  • fuzzilli – A (coverage-)guided Javascript engine fuzzer, written by Samuel Groß.
  • CodeAlchemist – JavaScript engine fuzzer, written by KAIST SoftSec Lab.
  • test-each – Repeat tests using different inputs.
  • gremlins.js – gremlins.js is a monkey testing library written in JavaScript.

Network protocol

  • dtls-fuzzer – A Java tool which performs protocol state fuzzing of DTLS servers.
  • T-Fuzz – T-Fuzz leverages a coverage guided fuzzer to generate inputs.
  • TLS-Attacker – A Java-based framework for analyzing TLS libraries.
  • DELTA – SDN Security evaluation framework.
  • boofuzz – Network Protocol Fuzzing for Humans. Documentation is available at http://boofuzz.readthedocs.io/, including nifty quickstart guides.
  • LL-Fuzzer – An automated NFC fuzzing framework for Android devices.
  • tlsfuzzer – A SSL and TLS protocol test suite and fuzzer.
  • TumbleRF – A framework that orchestrates the application of fuzzing techniques to RF systems.
  • PULSAR – A method for stateful black-box fuzzing of proprietary network protocols.
  • SPIKE – A fuzzer development framework like sulley, a predecessor of sulley.
  • PROTOS – Security testing of protocol implementations.

Driver

  • Charm – A system solution that facilitates dynamic analysis of device drivers of mobile systems.

Platform

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button