honggfuzz

Description

• A general-purpose, easy-to-use fuzzer with interesting analysis options. See README wiki page for more details
• Supports hardware-based feedback-driven fuzzing (requires Linux and a supported CPU model), also for closed-source binaries
• It works, at least, under GNU/Linux, FreeBSD, Mac OSX and Android
• Can fuzz long-lasting processes (e.g. network servers like Apache's httpd and ISC's bind)
• It's been used to find a few interesting security problems in major software; examples:
  • FreeType 2 project: CVE-2010-2497, CVE-2010-2498, CVE-2010-2499, CVE-2010-2500, CVE-2010-2519, CVE-2010-2520, CVE-2010-2527
  • Multiple bugs in the libtiff library
  • Multiple bugs in the librsvg library
  • Multiple bugs in the poppler library
  • Multiple exploitable bugs in IDA-Pro
  • ... and more

Code

• Latest version: 0.6 CHANGELOG
• Older versions and static builds: Honggfuzz 0.5, Direct download link and earlier versions

Requirements

• Linux - BFD library (libbfd-dev) and LibUnwind (libunwind-dev/libunwind8-dev)
• FreeBSD - gmake
• Android - Android SDK/NDK

Other

This is NOT an official Google product.