Best Fuzz Testing Apps for Android of 2024

Honggfuzz, a software fuzzer focusing on security, is available. Supports evolutionary feedback-driven fuzzing (SW and Hardware-based) based on code cover. Honggfuzz is multi-processed and multi-threaded. You don't need to run multiple instances of your fuzzer as it can unlock all of your CPU cores. The file corpus will be automatically shared and improved among all fuzzed process. When persistent fuzzing is used, it's lightning fast. A simple/empty LLVMFuzzerTestOneInput function can be tested with up to 1mo iteration per second on a relatively modern CPU. Honggfuzz has a track record of discovering security bugs. The only vulnerability (to date) in OpenSSL that received the critical score was discovered by Honggfuzz. It will report hijacked/ignored crashes signals (intercepted by a fuzzed application and potentially hidden).

Afl-unicorn allows you to fuzz any binary code that can be emulated using Unicorn Engine. Afl-unicorn can fuzz any binary that can be emulated by Unicorn Engine. Unicorn Mode implements the block-edge instrumentation normally done by AFL's QEMU Mode into Unicorn Engine. AFL will basically use block coverage data from any emulated code to drive its input. The idea revolves around a Unicorn test harness that is constructed correctly. The Unicorn-based testing harness loads the target binary code, sets the initial state and loads data mutated by AFL. The test harness emulates the binary code of the target and, if a crash or an error occurs, it will send a signal. AFL will perform all its usual tasks, but is actually fuzzing the emulated binary code. It was only tested on Ubuntu 16.04 LTS but should work with any OS that can run both AFL and Unicorn.