american fuzzy lop Reviews

american fuzzy lop Description

American fuzzy lop, a security-oriented fuzzer, uses a novel form of compile-time tooling and genetic algorithms to discover clean test cases that trigger internal states within the binary. This improves the functional coverage of the fuzzed codes. The compact corpora generated by the tool can also be used to seed other, more resource-intensive or labor-intensive testing regimes in the future. Afl-fuzz, in comparison to other instrumented fuzzers, is designed to be practical. It has a modest overhead, uses highly effective fuzzing techniques and effort minimization tricks. It requires little configuration and handles complex real-world use-cases, such as common image parsing and file compression libraries. It's an instrumentation-guided genetic fuzzer capable of synthesizing complex file semantics in a wide range of non-trivial targets.

Pricing

Pricing Starts At:

Free

Free Version:

Yes

Integrations

View Integrations

Reviews

Total

ease

features

design

support

No User Reviews. Be the first to provide a review:

Write a Review

Company Details

Company:

Google

Headquarters:

United States

Website:

github.com/google/AFL

Media

Product Details

Platforms

Mac

Linux

Type of Training

Documentation

Customer Support

Online

american fuzzy lop Features and Options

Fuzz Testing Tool

Compare american fuzzy lop Against Alternatives

vs.

LibFuzzer

LibFuzzer, a coverage-guided evolutionary fuzzing tool, is a fuzzing engine that works in the background. LibFuzzer links with the library being tested and feeds fuzzed data to the library through a specific fuzzing target function. The fuzzer tracks the code coverage and generates mutations...

Compare
vs.

go-fuzz

Go-fuzz provides coverage-guided fuzzing for testing Go packages. Fuzzing is most useful for packages that parse binary and text inputs. It is also useful to harden systems that parse inputs that are potentially malicious (anything that is accepted over a LAN). Go Modules are now supported by...

Compare
vs.

Boofuzz

Boofuzz forks and succeeds the venerable Sulley fuzzing framework. Boofuzz is a fork of the venerable Sulley fuzzing framework. It aims to be extensible, in addition to numerous bug fixes. Boofuzz, like Sulley, incorporates all of the critical elements that make up a fuzzer, such as easy and...

Compare
vs.

Sulley

Sulley is an extensible fuzzing engine, and fuzz testing framework. Sulley (IMHO), surpasses the capabilities of many previously published fuzzing techniques, both commercial and public domain. The framework's goal is to simplify data representation, data transmission, and instrumentation. A...

Compare
vs.

Awesome Fuzzing

Awesome Fuzzing contains a list of fuzzing materials, including books, free and paid courses, videos, tutorials, vulnerable applications, and tools to help you learn fuzzing, as well as the initial phases of exploit creation, such root cause analysis. Videos on fuzzing courses/training, videos...

Compare
vs.

Defensics

Defensics, a versatile, automated blackbox fuzzer, allows organizations to quickly and effectively identify and fix security flaws in software. Identify flaws and zero-day vulnerabilities in protocols and services. The generational fuzzer uses an intelligent, targeted approach for negative...

Compare
vs.

Google ClusterFuzz

ClusterFuzz provides a scalable fuzzing system that can be used to find security and stability issues within software. Google uses ClusterFuzz as the fuzzing engine for OSS Fuzz and to fuzz all Google Products. ClusterFuzz offers many features that allow fuzzing to be seamlessly integrated into...

Compare
vs.

ClusterFuzz

ClusterFuzz provides a scalable fuzzing system that can be used to find security and stability issues within software. Google uses ClusterFuzz as the fuzzing engine for OSS Fuzz and to fuzz all Google Products. ClusterFuzz offers many features that allow fuzzing to be seamlessly integrated into...

Compare

Similar Software

go-fuzz

Go-fuzz provides coverage-guided fuzzing for testing Go packages. Fuzzing is most useful for packages that parse binary and text inputs. It is also useful to harden systems that parse inputs that are potentially malicious (anything that is accepted over a LAN). Go Modules are now supported by...

View Software
afl-unicorn

Afl-unicorn allows you to fuzz any binary code that can be emulated using Unicorn Engine. Afl-unicorn can fuzz any binary that can be emulated by Unicorn Engine. Unicorn Mode implements the block-edge instrumentation normally done by AFL's QEMU Mode into Unicorn Engine. AFL will basically use...

View Software
Sulley

Sulley is an extensible fuzzing engine, and fuzz testing framework. Sulley (IMHO), surpasses the capabilities of many previously published fuzzing techniques, both commercial and public domain. The framework's goal is to simplify data representation, data transmission, and instrumentation. A...

View Software
LibFuzzer

LibFuzzer, a coverage-guided evolutionary fuzzing tool, is a fuzzing engine that works in the background. LibFuzzer links with the library being tested and feeds fuzzed data to the library through a specific fuzzing target function. The fuzzer tracks the code coverage and generates mutations...

View Software
Boofuzz

Boofuzz forks and succeeds the venerable Sulley fuzzing framework. Boofuzz is a fork of the venerable Sulley fuzzing framework. It aims to be extensible, in addition to numerous bug fixes. Boofuzz, like Sulley, incorporates all of the critical elements that make up a fuzzer, such as easy and...

View Software