go-fuzz Description

Go-fuzz provides coverage-guided fuzzing for testing Go packages. Fuzzing is most useful for packages that parse binary and text inputs. It is also useful to harden systems that parse inputs that are potentially malicious (anything that is accepted over a LAN). Go Modules are now supported by go-fuzz. Please file an issue if you encounter a module problem. Data is a randomly generated input by go-fuzz. Note that it is usually invalid. The function must return 0 if no input should be added to the corpus, but the fuzzer must increase the priority. The fuzz function has to be in a package go-fuzz is able to import. This means that the code you wish to test cannot be in package main. However, fuzzing internal packages can be done.

go-fuzz Alternatives
Google ClusterFuzz Reviews
Google ClusterFuzz
ClusterFuzz provides a scalable fuzzing system that can be used to find security and stability issues within software. Google uses ClusterFuzz as the fuzzing engine for OSS Fuzz and to fuzz all Google Products. ClusterFuzz offers many features that allow fuzzing to be seamlessly integrated into the software development process. Fully automatic bug filing and triage for different issue trackers. Supports multiple coverages-guided fuzzing engines to achieve optimal results (with ensemble fuzzing and fuzzing strategy). Statistics to analyze fuzzer performance and crash rates. Web interface for managing and viewing crashes. Support for multiple authentication providers using Firebase. Support for black-box fuzzing, test case minimization and regression finding using bisection.
Learn more
LibFuzzer Reviews
LibFuzzer
LibFuzzer, a coverage-guided evolutionary fuzzing tool, is a fuzzing engine that works in the background. LibFuzzer links with the library being tested and feeds fuzzed data to the library through a specific fuzzing target function. The fuzzer tracks the code coverage and generates mutations based on the input data to maximize it. SanitizerCoverage, an instrumentation of LLVM, provides code coverage information. LibFuzzer will still be fully supported, in that important bugs are fixed. To use libFuzzer with a library, you must first implement a fuzz-target. This is a function which accepts an array and performs something interesting using the API being tested. This fuzz target is not dependent on libFuzzer, so it can be used with other fuzzing engine like AFL or Radamsa.
Learn more
Jazzer Reviews
Jazzer
Jazzer is an in-process, coverage-guided fuzzer developed by Code Intelligence for the JVM platform. It is based on libFuzzer and brings many of its instrumentation-powered mutation features to the JVM. Docker can be used to test Jazzer's autofuzz, which generates arguments for a Java function and reports unexpected errors and detected security issues. You can also run a standalone Jazzer binaries that starts its JVM configured for fuzzling using GitHub release archives.
Learn more
american fuzzy lop Reviews
american fuzzy lop
American fuzzy lop, a security-oriented fuzzer, uses a novel form of compile-time tooling and genetic algorithms to discover clean test cases that trigger internal states within the binary. This improves the functional coverage of the fuzzed codes. The compact corpora generated by the tool can also be used to seed other, more resource-intensive or labor-intensive testing regimes in the future. Afl-fuzz, in comparison to other instrumented fuzzers, is designed to be practical. It has a modest overhead, uses highly effective fuzzing techniques and effort minimization tricks. It requires little configuration and handles complex real-world use-cases, such as common image parsing and file compression libraries. It's an instrumentation-guided genetic fuzzer capable of synthesizing complex file semantics in a wide range of non-trivial targets.
Learn more

Pricing

Pricing Starts At:
Free
Free Version:
Yes

Integrations

No Integrations at this time

Reviews

Total
ease
features
design
support

No User Reviews. Be the first to provide a review:

Write a Review

Company Details

Company:
dvyukov
Website:
github.com/dvyukov/go-fuzz

Media

go-fuzz Screenshot 1
go-fuzz Screenshot 1
Recommended Products
1Password makes it easy to store and share passwords anywhere, anytime Icon
1Password makes it easy to store and share passwords anywhere, anytime

More than a password manager.

Protect yourself, your family, or your global workforce with simple security, easy secret sharing, and actionable insight reports.
Start Today

Product Details

Platforms
Windows
Mac
Linux
Type of Training
Documentation
Customer Support
Online

go-fuzz Features and Options

go-fuzz User Reviews

Write a Review
  • Previous
  • Next