Google OSS-Fuzz

OSS-Fuzz provides continuous fuzz testing for open source software, effectively revealing programming errors with significant security implications, such as buffer overflows. By leveraging advanced fuzzing techniques and scalable execution, it has successfully identified over 10,000 vulnerabilities across various programming languages, enhancing the security and stability of countless projects.

Top Google OSS-Fuzz Alternatives

Honggfuzz

Honggfuzz is an advanced, security-focused software fuzzer that utilizes evolutionary, feedback-driven techniques based on code coverage.

By: Google From United States

Alternatives

Sulley

Sulley is a sophisticated fuzzing framework designed for seamless automation and unattended operation.

By: OpenRCE From United States

Alternatives

hevm

hevm is a specialized fuzz testing tool designed for the Ethereum Virtual Machine (EVM), facilitating symbolic execution, unit testing, and smart contract debugging.

By: DappHub From United States

Alternatives

syzkaller

Syzkaller is an advanced unsupervised coverage-guided kernel fuzzer designed to enhance system security by identifying vulnerabilities across various operating systems, including Linux, FreeBSD, and Windows.

By: Google From United States

Alternatives

go-fuzz

Go-fuzz is a sophisticated coverage-guided fuzzing tool designed for testing Go packages, particularly those handling complex text and binary inputs.

By: dvyukov From United States

Alternatives

Tayt

Tayt serves as an advanced fuzzer for StarkNet smart contracts, allowing users to analyze contract behavior through rigorous testing.

By: Crytic From United States

Alternatives

FuzzDB

It offers an extensive array of attack patterns and payloads tailored for fault injection, including...

By: GitHub From United States

Alternatives

american fuzzy lop

By generating compact, effective data corpora, it enhances the testing of complex applications like image...

By: Google From United States

Alternatives

Fuzzbuzz

It automates the execution of fuzz tests within CI/CD pipelines, promptly notifying teams of critical...

By: GitHub From United States

Alternatives

ToothPicker

Built on FRIDA, it provides adaptability across platforms...

By: Secure Mobile Networking Lab From United States

Alternatives

Fuzzapi

This Rails application features a user-friendly interface, simplifying the interaction with the gem...

By: GitHub From United States

Alternatives

Radamsa

By transforming valid data samples into varied outputs, Radamsa has successfully identified numerous critical bugs...

By: Aki Helin From United States

Alternatives

Ffuf

Users can execute fuzzing operations with customizable inputs and wordlists, making it adaptable for various...

By: GitHub From United States

Alternatives

OWASP WSFuzzer

By simulating unexpected inputs, it identifies vulnerabilities, such as buffer overflows and DoS attacks...

By: OWASP From United States

Alternatives

Etheno

It simplifies the process of utilizing complex tools like Echidna for large multi-contract projects...

By: Crytic From United States

Alternatives

Top Google OSS-Fuzz Features

Continuous fuzzing for open source
Identifies security vulnerabilities
Detects stability bugs
Supports multiple programming languages
Scalable and distributed execution
Integration with libFuzzer
Integration with AFL++
Integration with Honggfuzz
Supports various architectures
Provides detailed documentation
Community-driven feedback mechanism
Tracks over 10
000 vulnerabilities
Supports both ClusterFuzz and ClusterFuzzLite
Real-time error reporting
Guided in-process fuzzing
Enhances software security
Open source community collaboration
Focus on widely used projects
Automates fuzz testing process
Supports LLVM-compatible languages