commit	cc38d09e1274bc5d83071a53dd1b72e751b12d99	[log] [tgz]
author	Robert Swiecki <robert@swiecki.net>	Fri Feb 03 19:12:43 2017 +0100
committer	Robert Swiecki <robert@swiecki.net>	Fri Feb 03 19:12:43 2017 +0100
tree	3efe7167d16f530b981a73421daa63fdd9c7f518
parent	8885029b40ab5d8b6086d5eb1b3fd1fd98ce8bd4 [diff]

examples/openssl: new server corpus

1375 files changed

tree: 3efe7167d16f530b981a73421daa63fdd9c7f518

README.md

honggfuzz

Description

A security oriented, feedback-driven, evolutionary, easy-to-use fuzzer with interesting analysis options. See USAGE for details

Supports several hardware-based (CPU) and software-based feedback-driven fuzzing methods
It works (at least) under GNU/Linux, FreeBSD, Mac OS X, Windows/CygWin and Android
Supports persistent modes of fuzzing (long-lived process calling a fuzzed API repeatedly) with libhfuzz/libhfuzz.a. More on that here
Can fuzz remote/standalone long-lasting processes (e.g. network servers like Apache's httpd and ISC's bind)

Code

Latest version: 0.8
Changelog

Requirements

Linux - The BFD library (libbfd-dev) and libunwind (libunwind-dev/libunwind8-dev)
FreeBSD - gmake
Android - Android SDK/NDK. Also see this detailed doc on how to build and run it
Windows - CygWin
Darwin/OS X - Xcode 10.8+
if Clang/LLVM is used - the BlocksRuntime Library (libblocksruntime-dev)

Trophies

The tool has been used to find a few interesting security problems in major software packages; Examples:

Examples

The examples directory contains code demonstrating (among others) how to use honggfuzz to find bugs in the OpenSSL library and in the Apache web server.

Other

This is NOT an official Google product.