GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C - github/cmark-gfm
A revolutionary coverage-driven fuzzer credited with finding countless vulnerabilities in open-source code.
Yet another blog...
Increase security awareness. Promote, reinforce and learn security skills.
A catalogue of software constructs, languages, or APIs which are unexpectedly Turing-complete; implications for security and reliability.
In this article I demonstrate how to fuzz test floating point code using libFuzzer.
Go 1.18, the biggest release of the Go language since Go 1.0 in March 2012, is expected to be r [...]
CommonMark parsing and rendering library and program in C - swiftlang/swift-cmark
I’ve been working on a bunch of longform obligation pieces and while they’re a lot of fun, they’re also steadily driving me insane. So I took a day off to write about all of the kinds of automated testing I know about. I’m defining tests here to be “an independent verification program that, as part of verification, executes the code we want to verify.” This means types are not tests, as they don’t involve execution of the code, and contracts are not tests, because they’re not executed as an independent program.
Contribute to PierreZ/rust-mini-fuzzer development by creating an account on GitHub.
Tools and techniques used to test coreutils
A collection of vulnerabilities discovered by the AFL fuzzer (afl-fuzz) - mrash/afl-cve
A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Develo...
M. Stoeckl's website
Markdown translator producing HTML5 and roff documents in the ms and man formats.
Tutorials, examples, discussions, research proposals, and other resources related to fuzzing - google/fuzzing
AFL-based fuzz testing for .NET. Contribute to Metalnem/sharpfuzz development by creating an account on GitHub.
Randomized testing for Go. Contribute to dvyukov/go-fuzz development by creating an account on GitHub.
AFLNet: A Greybox Fuzzer for Network Protocols (https://thuanpv.github.io/publications/AFLNet_ICST20.pdf) - aflnet/aflnet
Inspiration: I wrote my undergrad Thesis on a new distributed fuzzer called Hopper that I built, and I always get the question: "What is a…
These testcases are generated by running afl-fuzz against libbitcoinconsensus. - jonasnick/bitcoinconsensus_testcases
Property fuzzing for OCaml. Contribute to stedolan/crowbar development by creating an account on GitHub.
Crowbar + Alcotest. Contribute to samoht/alcobar development by creating an account on GitHub.
To stop it falling into the wrong hands
I made a very explicit, pragmatic design decision with afl-fuzz : for performance and reliability reasons, I did not want to get into stati...
Testing code fidelity with TLA+ specs at MongoDB. Explore conformance checking experiences and agile modelling in distributed systems.
It’s been a few weeks I’ve been playing with afl-fuzz ( american fuzzy lop ), a great tool from lcamtuf which uses binary instrumentation to create edge-cases…
A fork of AFL for fuzzing Windows binaries. Contribute to ivanfratric/winafl development by creating an account on GitHub.
Introducing a new templating engine
Justin Cormack blog
🐇 Fuzzing Rust code with American Fuzzy Lop. Contribute to rust-fuzz/afl.rs development by creating an account on GitHub.
🏆 Collection of bugs uncovered by fuzzing Rust code - rust-fuzz/trophy-case
Trail of Bits is excited to introduce Ruzzy, a coverage-guided fuzzer for pure Ruby code and Ruby C extensions. Fuzzing helps find bugs in software that processes untrusted input. In pure Ruby, these bugs may result in unexpected exceptions that could lead to denial of service, and in Ruby C extensions, they […]
Intro Goal When stumbling upon the great American Fuzzy Lop and trying its awesome deterministic fuzzing capabilities and instrument...
Fuzzing is nowadays an attack technique used by many pentesters and security researchers. Whether you're looking for vulnerabilities in media files (pictures, videos, audio) or in other binary formats, fuzzing is the right approach if you don't want to do static code analysis or debug the hell out of your targets. When it comes to fuzzing there are a few tools worth mentioning that have become established over the last few years.
Posted by Samuel Groß, Project Zero. This blog post discusses an old type of issue, vulnerabilities...
Vulnerability research, software development, and other technobabble.
While source code is critical for user autonomy, it isn't required to evaluate software security or understand run-time behavior.
While source code is critical for user autonomy, it isn’t required to evaluate software security or understand run-time behavior. One of the biggest parts of the Free and Open Source Software definitions is the freedom to study a program and modify it; in other words, access to editable source code. I agree that such access is essential; however, far too many people support source availability for the wrong reasons. One such reason is that source code is necessary to have any degree of transparency into how a piece of software operates, and is therefore necessary to determine if it is at all secure or trustworthy.
American fuzzy lop, aka AFL, is one of the easiest and best fuzzers out there and should be part of your development cycle if you care at least one bit about the security of your code. Its performance on OS X is a bit of a letdown because of the high cost of the fork() system call. AFL warns you about this when compiling it: WARNING: Fuzzing on MacOS X is slow because of the unusually high overhead of fork() on this OS. Consider using Linux or *BSD. You can also use VirtualBox (virtualbox.org) to put AFL inside a Linux or *BSD VM.
The AFLplusplus website
Guide on how to fuzz test software written in the Rust programming language
Fuzzing is a testing technique with randomized inputs that is used to find problematic edge cas [...]
Anyone familiar with computer security should be familiar with the concept of fuzzing. You throw garbage data at a program, over and over again, to see if it crashes. If it does, you might have a security issue. It’s a great way to do automated security testing of software, and has uncovered countless critical issues in software across the board. A popular fuzzing framework, American Fuzzy Lop (usually called afl or afl-fuzz for short), even has a “trophy case” for only a small percentage of the bugs it has uncovered—and there are over 150 bugs listed! Although usually not very intelligent, and limited in the scope of the bugs it can find, fuzzing is a common and effective practice for finding security bugs in software that is complex enough for issues to not be immediately obvious upon source inspection. Being a stochastic process, fuzzing can take a lot of time and careful selection of input cases (for mutational fuzzers) to produce good results. Conversely, it can also be left running as a background task for weeks or months with little interaction. As such, fuzzing is often employed on commonly deployed libraries such as libpng, and on widely used software such as Flash. A myriad of different projects use fuzzing to help find bugs, especially as software security comes more to the forefront of engineers’ minds.
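The paragraph above describes mutational fuzzing and why the choice of inputs matters. The following is an added example, not code from any of the linked pages or from AFL itself: a minimal coverage-guided mutational fuzzer in Python. It stands in `sys.settrace` line coverage for AFL's compile-time edge instrumentation, and keeps every input that reaches a new line in the corpus, which is what lets it get through a three-byte magic check one byte at a time instead of needing all three bytes to line up in a single random guess. The target `parse_record`, the seed `b"seed"` and the iteration budget are constructed for this example.

```python
import random
import sys


def parse_record(data: bytes) -> int:
    """Toy target, constructed for this example (not real library code).

    A record is the magic b"FUZ", one length byte, then a payload. The last
    line indexes the payload with an unchecked length: Python raises
    IndexError where C would read out of bounds, so the fuzzer sees a crash.
    """
    if len(data) < 4:
        return 0
    if data[0] != 0x46:  # 'F'
        return 1
    if data[1] != 0x55:  # 'U'
        return 2
    if data[2] != 0x5A:  # 'Z'
        return 3
    length = data[3]
    payload = data[4:]
    return payload[length]  # bug: length is never checked against len(payload)


def run_with_coverage(target, data):
    """Run target(data) under sys.settrace, recording the line numbers it
    executes (a stand-in for AFL's edge instrumentation).
    Returns (covered_lines, exception_or_None)."""
    covered = set()

    def tracer(frame, event, arg):
        if event == "line" and frame.f_code is target.__code__:
            covered.add(frame.f_lineno)
        return tracer

    sys.settrace(tracer)
    try:
        target(data)
        crash = None
    except Exception as exc:  # any uncaught exception counts as a crash
        crash = exc
    finally:
        sys.settrace(None)
    return covered, crash


def mutate(rng, data, max_len=8):
    """One random byte-level mutation: overwrite, insert or delete a byte."""
    buf = bytearray(data)
    op = rng.randrange(3)
    if op == 0:
        buf[rng.randrange(len(buf))] = rng.randrange(256)
    elif op == 1 and len(buf) < max_len:
        buf.insert(rng.randrange(len(buf) + 1), rng.randrange(256))
    elif op == 2 and len(buf) > 1:
        del buf[rng.randrange(len(buf))]
    return bytes(buf)


def fuzz(target, seeds, iterations=200_000, seed=1):
    """Coverage-guided mutational loop. Inputs that reach new lines join the
    corpus, so partial progress toward a deep check is kept rather than
    thrown away. Returns (crashing_input_or_None, iterations_used, corpus_size)."""
    rng = random.Random(seed)
    corpus = [bytes(s) for s in seeds]
    seen = set()
    for entry in corpus:
        cov, crash = run_with_coverage(target, entry)
        if crash is not None:
            return entry, 0, len(corpus)
        seen |= cov
    for i in range(1, iterations + 1):
        # Favour the newest corpus entry: it is the one that got furthest.
        parent = corpus[-1] if rng.random() < 0.5 else rng.choice(corpus)
        child = mutate(rng, parent)
        cov, crash = run_with_coverage(target, child)
        if crash is not None:
            return child, i, len(corpus)
        if not cov <= seen:  # new line reached: keep this input
            seen |= cov
            corpus.append(child)
    return None, iterations, len(corpus)


if __name__ == "__main__":
    found, used, size = fuzz(parse_record, [b"seed"])
    print("crash:", found, "after", used, "iterations; corpus size", size)
```

Because a child is only one mutation away from its parent, the seed `b"seed"` can never reach `b"FUZ"` in a single step; the fuzzer gets there only because the inputs that pass the first and second magic-byte checks are retained as parents, exactly the effect coverage feedback is meant to have.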
We're given a Linux binary which asks for input: +-----------------------+ | Welcome Hero | +-----------------------+ [!] Que...
Using a modern fuzzing technique to validate the high-level logic of a safe Rust library.
How a 600-line Rust fuzzer discovers a 3-byte crash sequence in 9,000 iterations instead of 16 million
TLDR I ran afl-fuzz against libbitcoinconsensus to discover interesting Bitcoin scripts and used them to search for Bitcoin reimplementations …
What is a fuzzer, in the first place? And why do we use it?
In a previous job, amongst many other things I was responsible for the tending of a small herd of HP DL-whatever servers, ~1500 machines all running RHEL. These were considered mission-critical for…
Using one of the test cases from the previous post , I examine what affects AFL's ability to find a bug placed by LAVA in a program. Along ...
Five years ago we tried to test conformance, and only half-succeeded. Here's what happened, and the view from 2025.
My descent began with a user reporting a bug and I fear I am still on my way down. The bug was simple enough, a windows bitmap file cau...
As a new year is popping up, it is time to take good resolutions. To help you, especially if you are a C/C++ developer, this article gives ...
Fuzz testing killing C
A blog about computer science, systems, technology, and sometimes vegan cooking.
Discussion on some aspects of the sanitizer interface provided by modern compilers.
The White House is calling for an audit of open source software security. Part 2/3: automated auditing of projects.
Intro The architectures of software fuzzing setups that authors of security fuzzing tools had originally implemented were fairly simple. I...
Block chaining to the rescue. UPDATED 2018-09-22
Three years ago I wrote about using the AFL fuzzer to find bugs in several NetSurf libraries. I have repeated this exercise a couple of t...
Introduction. In this blog post I mainly want to summarize my latest experiments at using clang's static analyzer and some thoughts on wha...
“Property-based testing” refers to the idea of writing statements that should be true of your code (“properties”), and then using automated tooling to generate test inputs (typically, randomly-generated inputs of an appropriate type), and observe whether the properties hold for that input. If an input violates a property, you’ve demonstrated a bug, as well as a convenient example that demonstrates it. A classic example of property-based testing is testing a sort function:
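The sort example the paragraph above announces, written out as an added example (it is not the linked article's code and uses only the standard library's `random` in place of a property-based testing framework). It checks four properties of a sort function on randomly generated integer lists, and when one fails it greedily deletes elements until the failure would disappear, which is the "convenient example" the paragraph mentions. The two broken sorts, the value range and the trial count are constructed for this example.

```python
import random
from collections import Counter


def violated_property(sort_fn, xs):
    """Return the name of the first sort property that xs violates, or None."""
    original = list(xs)
    out = sort_fn(list(xs))
    if xs != original:
        return "input was mutated"
    if len(out) != len(xs) or Counter(out) != Counter(xs):
        return "output is not a permutation of the input"
    if any(out[i] > out[i + 1] for i in range(len(out) - 1)):
        return "output is not in non-decreasing order"
    if sort_fn(list(out)) != out:
        return "sort is not idempotent"
    return None


def shrink(sort_fn, xs, reason):
    """Greedily delete elements while the same property still fails, so the
    reported counterexample is as small as this simple strategy can make it."""
    progress = True
    while progress:
        progress = False
        for i in range(len(xs)):
            candidate = xs[:i] + xs[i + 1:]
            if violated_property(sort_fn, candidate) == reason:
                xs, progress = candidate, True
                break
    return xs


def check_sort(sort_fn, trials=500, seed=0):
    """Generate random integer lists and test every property on each.
    Returns None if nothing failed, otherwise (reason, shrunk_counterexample)."""
    rng = random.Random(seed)
    for _ in range(trials):
        xs = [rng.randint(-5, 5) for _ in range(rng.randint(0, 12))]
        reason = violated_property(sort_fn, xs)
        if reason is not None:
            return reason, shrink(sort_fn, xs, reason)
    return None


# Two deliberately wrong sorts, constructed for this example.
def dedup_sort(xs):
    return sorted(set(xs))  # silently drops duplicates


def lexical_sort(xs):
    return sorted(xs, key=str)  # compares as strings, wrong for negatives


if __name__ == "__main__":
    for name, fn in [("sorted", sorted), ("dedup_sort", dedup_sort),
                     ("lexical_sort", lexical_sort)]:
        print(name, check_sort(fn))
```

The permutation check is the one that catches `dedup_sort`, and shrinking reduces the failing input to a two-element list of equal values; `lexical_sort` fails the ordering check and shrinks to two distinct negative numbers. Neither bug is visible from a hand-written test of `[3, 1, 2]`, which is the point of generating inputs rather than choosing them.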
A guide to the adventurer. Contribute to joaocarvalhoopen/How_to_learn_modern_Rust development by creating an account on GitHub.
CommonMark parsing and rendering library and program in C - commonmark/cmark
It’s been an unusual internship season.
(Continuing from last time). procedural macros Also known as syntax extensions or syntax plugins or compiler plugins (which they are just a category of). I'll not get into the naming thing here, but I'll try and stick to 'procedural macro'. Procedural macros are implemented using pure Rust code at the