An advanced XSS detection suite that uses context analysis and intelligent payload generation to find vulnerabilities.
A blazing fast, portable, and modular toolkit for Ethereum application development written in Rust.
A Python library for property-based testing that generates random inputs to find edge cases and bugs.
AFL++ is a community-enhanced, high-performance fork of the AFL fuzzer with advanced instrumentation, mutators, and speed improvements.
A modular web application fuzzer that replaces FUZZ keywords with payloads to test parameters, authentication, forms, and directories.
An unsupervised coverage-guided kernel fuzzer for finding bugs in operating system kernels like Linux, Windows, and BSD variants.
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation.
A coverage-guided fuzzing solution for testing Go packages, especially those parsing complex or untrusted inputs.
A lightweight Linux process isolation tool using namespaces, cgroups, rlimits, and seccomp-bpf syscall filters for enhanced security.
A security-oriented, feedback-driven, evolutionary software fuzzer that uses hardware and software code coverage to find bugs.
Automatically generate thousands of test cases from OpenAPI or GraphQL schemas to find edge-case API bugs.
A collection of potentially dangerous file names and paths for security testing and fuzzing.
A self-hosted Fuzzing-As-A-Service platform for continuous developer-driven fuzzing to harden software prior to release.
A modular Rust library for building fast, scalable, and customizable fuzzers that work across multiple platforms and instrumentation backends.
Guidelines, best practices, and training material for writing secure smart contracts across multiple blockchain platforms.
A Rust library for fuzzing Rust code with AFLplusplus to find security and stability issues.
A grammar-based DOM fuzzer that generates HTML, CSS, and JavaScript test cases to find security vulnerabilities in web browsers.
Automated testing tool that finds logic and performance bugs in database management systems (DBMSs) through intelligent SQL generation and validation.
A curated list of awesome fuzzing resources, tools, and academic papers for software security testing.
A mutation-based coverage-guided fuzzer that increases branch coverage by solving path constraints without symbolic execution.
A friendly automotive security exploration tool for the CAN bus, enabling zero-knowledge discovery of services and vulnerabilities.
A security analysis toolkit with GUI for proprietary automotive CAN and CAN FD protocols, featuring modular analysis mechanisms.
A free and open-source Ruby toolkit for security research and development, featuring CLI commands and libraries for encoding, networking, exploits, and more.
A hardware-assisted feedback fuzzing framework for discovering vulnerabilities in x86-64 OS kernels.
An automated API security testing tool that generates and runs fuzzing attacks based on an OpenAPI/Swagger specification.
A full-featured testing framework for Go with assertions, fuzzing, output capturing, and clean, colorful output.
A Rust-based manually-guided fuzzing framework for Solana programs, processing up to 12,000 transactions per second.
A fuzzer for Linux kernel drivers that combines interface recovery via LLVM analysis with a fuzzing engine to find security vulnerabilities.
A curated collection of CVEs, research, tools, and resources for WebSocket security testing and vulnerability research.
An automatic bug-finding tool for C, C++, Go, Rust, and Zig using WebAssembly-level symbolic execution.
A USB proxy for intercepting and modifying USB traffic between devices and hosts, enabling security testing and device emulation.
A small, public domain or Apache 2.0 licensed C++ JPEG compression and fuzzed low-RAM decompression codec.
A generic fuzzing and delta-debugging framework for generating and reducing structured data using an EBNF-like notation.
A state-of-the-art file system fuzzer for Linux that explores both image and syscall input spaces simultaneously to find memory corruptions.
A dependency-aware GraphQL API fuzzing tool that automatically generates and executes security tests based on schema introspection.