jaeswift-website/api/data/awesomelist/cpuu--awesome-fuzzing.json


{"slug": "cpuu--awesome-fuzzing", "title": "Fuzzing", "description": "A curated list of awesome Fuzzing(or Fuzz Testing) for software security", "github_url": "https://github.com/cpuu/awesome-fuzzing", "stars": "711", "tag": "Security", "entry_count": 185, "subcategory_count": 21, "subcategories": [{"name": "General", "parent": "", "entries": [{"name": "Books", "url": "#books", "description": ""}, {"name": "Papers", "url": "#papers", "description": ""}, {"name": "Tools", "url": "#tools", "description": ""}, {"name": "Platform", "url": "#platform", "description": ""}, {"name": "Fuzzing-101", "url": "https://github.com/antonio-morales/Fuzzing101", "description": "", "stars": "2.1k"}, {"name": "The Fuzzing Book", "url": "https://www.fuzzingbook.org/", "description": ""}, {"name": "The Art, Science, and Engineering of Fuzzing: A Survey", "url": "https://ieeexplore.ieee.org/document/8863940", "description": ""}, {"name": "Fuzzing for Software Security Testing and Quality Assurance, 2nd Edition", "url": "https://www.amazon.com/Fuzzing-Software-Security-Testing-Assurance/dp/1608078507/", "description": ""}, {"name": "Fuzzing: Brute Force Vulnerability Discovery, 1st Edition", "url": "https://www.amazon.com/Fuzzing-Brute-Force-Vulnerability-Discovery/dp/0321446119/", "description": ""}, {"name": "Open Source Fuzzing Tools, 1st Edition", "url": "https://www.amazon.com/Open-Source-Fuzzing-Tools-Rathaus/dp/1597491950/", "description": ""}, {"name": "Fuzzing Labs - Patrick Ventuzelo", "url": "https://www.youtube.com/channel/UCGD1Qt2jgnFRjrfAITGdNfQ", "description": ""}, {"name": "Effective File Format Fuzzing", "url": "https://youtu.be/qTTwqFRD1H8", "description": ""}, {"name": "Adventures in Fuzzing", "url": "https://www.youtube.com/watch?v=SngK4W4tVc0", "description": ""}, {"name": "Fuzzing with AFL", "url": "https://www.youtube.com/watch?v=DFQT1YxvpDo", "description": ""}]}, {"name": "The Network and Distributed System Security Symposium (NDSS)", "parent": "Papers", 
"entries": [{"name": "Semantic-Informed Driver Fuzzing Without Both the Hardware Devices and the Emulators, 2022", "url": "https://www.ndss-symposium.org/wp-content/uploads/2022-345-paper.pdf", "description": ""}, {"name": "MobFuzz: Adaptive Multi-objective Optimization in Gray-box Fuzzing, 2022", "url": "https://www.ndss-symposium.org/wp-content/uploads/2022-314-paper.pdf", "description": ""}, {"name": "Context-Sensitive and Directional Concurrency Fuzzing for Data-Race Detection, 2022", "url": "https://www.ndss-symposium.org/wp-content/uploads/2022-296-paper.pdf", "description": ""}, {"name": "EMS: History-Driven Mutation for Coverage-based Fuzzing, 2022", "url": "https://www.ndss-symposium.org/wp-content/uploads/2022-162-paper.pdf", "description": ""}, {"name": "WINNIE : Fuzzing Windows Applications with Harness Synthesis and Fast Cloning, 2021", "url": "https://taesoo.kim/pubs/2021/jung:winnie.pdf", "description": ""}, {"name": "Reinforcement Learning-based Hierarchical Seed Scheduling for Greybox Fuzzing, 2021", "url": "https://www.cs.ucr.edu/~heng/pubs/afl-hier.pdf", "description": ""}, {"name": "PGFUZZ: Policy-Guided Fuzzing for Robotic Vehicles, 2021", "url": "https://beerkay.github.io/papers/Berkay2021PGFuzzNDSS.pdf", "description": ""}, {"name": "Favocado: Fuzzing Binding Code of JavaScript Engines Using Semantically Correct Test Cases, 2021", "url": "https://www.ndss-symposium.org/wp-content/uploads/ndss2021_6A-2_24224_paper.pdf", "description": ""}, {"name": "HFL: Hybrid Fuzzing on the Linux Kernel, 2020", "url": "https://www.unexploitable.systems/publication/kimhfl/", "description": ""}, {"name": "HotFuzz: Discovering Algorithmic Denial-of-Service Vulnerabilities Through Guided Micro-Fuzzing, 2020", "url": "https://www.researchgate.net/publication/339164746_HotFuzz_Discovering_Algorithmic_Denial-of-Service_Vulnerabilities_Through_Guided_Micro-Fuzzing", "description": ""}, {"name": "HYPER-CUBE: High-Dimensional Hypervisor Fuzzing, 2020", "url": 
"https://www.syssec.ruhr-uni-bochum.de/media/emma/veroeffentlichungen/2020/02/07/Hyper-Cube-NDSS20.pdf", "description": ""}, {"name": "Not All Coverage Measurements Are Equal: Fuzzing by Coverage Accounting for Input Prioritization, 2020", "url": "https://www.ndss-symposium.org/wp-content/uploads/2020/02/24422.pdf", "description": ""}, {"name": "CodeAlchemist: Semantics-Aware Code Generation to Find Vulnerabilities in JavaScript Engines, 2019", "url": "https://daramg.gift/paper/han-ndss2019.pdf", "description": ""}, {"name": "PeriScope: An Effective Probing and Fuzzing Framework for the Hardware-OS Boundary, 2019", "url": "https://people.cs.kuleuven.be/~stijn.volckaert/papers/2019_NDSS_PeriScope.pdf", "description": ""}, {"name": "REDQUEEN: Fuzzing with Input-to-State Correspondence, 2019", "url": "https://www.syssec.ruhr-uni-bochum.de/media/emma/veroeffentlichungen/2018/12/17/NDSS19-Redqueen.pdf", "description": ""}, {"name": "Send Hardest Problems My Way: Probabilistic Path Prioritization for Hybrid Fuzzing, 2019", "url": "https://www.cs.ucr.edu/~heng/pubs/digfuzz_ndss19.pdf", "description": ""}, {"name": "Life after Speech Recognition: Fuzzing Semantic Misinterpretation for Voice Assistant Applications, 2019", "url": "https://www.ndss-symposium.org/wp-content/uploads/2019/02/ndss2019_08-4_Zhang_paper.pdf", "description": ""}, {"name": "INSTRIM: Lightweight Instrumentation for Coverage-guided Fuzzing, 2018", "url": "https://www.ndss-symposium.org/wp-content/uploads/2018/07/bar2018_14_Hsu_paper.pdf", "description": ""}, {"name": "IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing, 2018", "url": "http://wp.internetsociety.org/ndss/wp-content/uploads/sites/25/2018/02/ndss2018_01A-1_Chen_paper.pdf", "description": ""}, {"name": "What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices, 2018", "url": "http://s3.eurecom.fr/docs/ndss18_muench.pdf", "description": ""}, {"name": "Enhancing Memory Error Detection for 
Large-Scale Applications and Fuzz Testing, 2018", "url": "https://lifeasageek.github.io/papers/han:meds.pdf", "description": ""}, {"name": "Vuzzer: Application-aware evolutionary fuzzing, 2017", "url": "https://www.ndss-symposium.org/ndss2017/ndss-2017-programme/vuzzer-application-aware-evolutionary-fuzzing/", "description": ""}, {"name": "DELTA: A Security Assessment Framework for Software-Defined Networks, 2017", "url": "https://www.ndss-symposium.org/wp-content/uploads/2017/09/ndss201702A-1LeePaper.pdf", "description": ""}, {"name": "Driller: Augmenting Fuzzing Through Selective Symbolic Execution, 2016", "url": "https://cancer.shtech.org/wiki/uploads/2016---NDSS---driller-augmenting-fuzzing-through-selective-symbolic-execution.pdf", "description": ""}, {"name": "Automated Whitebox Fuzz Testing, 2008", "url": "https://www.ndss-symposium.org/wp-content/uploads/2017/09/Automated-Whitebox-Fuzz-Testing-paper-Patrice-Godefroid.pdf", "description": ""}]}, {"name": "IEEE Symposium on Security and Privacy (IEEE S&P)", "parent": "Papers", "entries": [{"name": "PATA: Fuzzing with Path Aware Taint Analysis, 2022", "url": "http://www.wingtecher.com/themes/WingTecherResearch/assets/papers/sp22.pdf", "description": ""}, {"name": "Jigsaw: Efficient and Scalable Path Constraints Fuzzing, 2022", "url": "https://www.cs.ucr.edu/~csong/oakland22-jigsaw.pdf", "description": ""}, {"name": "FuzzUSB: Hybrid Stateful Fuzzing of USB Gadget Stacks, 2022", "url": "https://github.com/purseclab/fuzzusb/blob/main/paper/fuzzusb.pdf", "description": "", "stars": "26"}, {"name": "Effective Seed Scheduling for Fuzzing with Graph Centrality Analysis, 2022", "url": "https://arxiv.org/pdf/2203.12064.pdf", "description": ""}, {"name": "BEACON : Directed Grey-Box Fuzzing with Provable Path Pruning, 2022", "url": "https://qingkaishi.github.io/public_pdfs/SP22.pdf", "description": ""}, {"name": "STOCHFUZZ: Sound and Cost-effective Fuzzing of Stripped Binaries by Incremental and Stochastic Rewriting, 
2021", "url": "https://www.cs.purdue.edu/homes/zhan3299/res/SP21b.pdf", "description": ""}, {"name": "One Engine to Fuzz 'em All: Generic Language Processor Testing with Semantic Validation, 2021", "url": "https://huhong789.github.io/papers/polyglot-oakland2021.pdf", "description": ""}, {"name": "NTFUZZ: Enabling Type-Aware Kernel Fuzzing on Windows with Static Binary Analysis, 2021", "url": "https://softsec.kaist.ac.kr/~jschoi/data/oakland2021.pdf", "description": ""}, {"name": "DIFUZZRTL: Differential Fuzz Testing to Find CPU Bugs, 2021", "url": "https://lifeasageek.github.io/papers/jaewon-difuzzrtl.pdf", "description": ""}, {"name": "DIANE: Identifying Fuzzing Triggers in Apps to Generate Under-constrained Inputs for IoT Devices, 2021", "url": "https://conand.me/publications/redini-diane-2021.pdf", "description": ""}, {"name": "Fuzzing JavaScript Engines with Aspect-preserving Mutation, 2020", "url": "https://jakkdu.github.io/pubs/2020/park:die.pdf", "description": ""}, {"name": "IJON: Exploring Deep State Spaces via Fuzzing, 2020", "url": "https://www.syssec.ruhr-uni-bochum.de/media/emma/veroeffentlichungen/2020/02/27/IJON-Oakland20.pdf", "description": ""}, {"name": "Krace: Data Race Fuzzing for Kernel File Systems, 2020", "url": "https://www.cc.gatech.edu/~mxu80/pubs/xu:krace.pdf", "description": ""}, {"name": "Pangolin:Incremental Hybrid Fuzzing with Polyhedral Path Abstraction, 2020", "url": "https://qingkaishi.github.io/public_pdfs/SP2020.pdf", "description": ""}, {"name": "RetroWrite: Statically Instrumenting COTS Binaries for Fuzzing and Sanitization, 2020", "url": "https://www.semanticscholar.org/paper/RetroWrite%3A-Statically-Instrumenting-COTS-Binaries-Dinesh-Burow/845cafb153b0e4b9943c6d9b6a7e42c14845a0d6", "description": ""}, {"name": "Full-speed Fuzzing: Reducing Fuzzing Overhead through Coverage-guided Tracing, 2019", "url": "https://www.computer.org/csdl/proceedings-article/sp/2019/666000b122/19skgbGVFEQ", "description": ""}, {"name": "Fuzzing 
File Systems via Two-Dimensional Input Space Exploration, 2019", "url": "https://www.computer.org/csdl/proceedings-article/sp/2019/666000a594/19skfLYOpaw", "description": ""}, {"name": "NEUZZ: Efficient Fuzzing with Neural Program Smoothing, 2019", "url": "https://www.computer.org/csdl/proceedings-article/sp/2019/666000a900/19skg5XghG0", "description": ""}, {"name": "Razzer: Finding Kernel Race Bugs through Fuzzing, 2019", "url": "https://www.computer.org/csdl/proceedings-article/sp/2019/666000a296/19skfwZLirm", "description": ""}, {"name": "Angora: Efficient Fuzzing by Principled Search, 2018", "url": "http://web.cs.ucdavis.edu/~hchen/paper/chen2018angora.pdf", "description": ""}, {"name": "CollAFL: Path Sensitive Fuzzing, 2018", "url": "http://chao.100871.net/papers/oakland18.pdf", "description": ""}, {"name": "T-Fuzz: fuzzing by program transformation, 2018", "url": "https://nebelwelt.net/publications/files/18Oakland.pdf", "description": ""}, {"name": "Skyfire: Data-Driven Seed Generation for Fuzzing, 2017", "url": "https://www.ieee-security.org/TC/SP2017/papers/42.pdf", "description": ""}, {"name": "Program-Adaptive Mutational Fuzzing, 2015", "url": "https://softsec.kaist.ac.kr/~sangkilc/papers/cha-oakland15.pdf", "description": ""}, {"name": "TaintScope: A checksum-aware directed fuzzing tool for automatic software vulnerability detection, 2010", "url": "https://ieeexplore.ieee.org/abstract/document/5504701", "description": ""}]}, {"name": "USENIX Security", "parent": "Papers", "entries": [{"name": "StateFuzz: System Call-Based State-Aware Linux Driver Fuzzing, 2022", "url": "https://www.usenix.org/system/files/sec22-zhao-bodong.pdf", "description": ""}, {"name": "FIXREVERTER: A Realistic Bug Injection Methodology for Benchmarking Fuzz Testing, 2022", "url": "https://www.usenix.org/system/files/sec22-zhang-zenong.pdf", "description": ""}, {"name": "SGXFuzz: Efficiently Synthesizing Nested Structures for SGX Enclave Fuzzing, 2022", "url": 
"https://www.usenix.org/system/files/sec22-cloosters.pdf", "description": ""}, {"name": "AmpFuzz: Fuzzing for Amplification DDoS Vulnerabilities, 2022", "url": "https://www.usenix.org/system/files/sec22-krupp.pdf", "description": ""}, {"name": "Stateful Greybox Fuzzing, 2022", "url": "https://www.usenix.org/system/files/sec22-ba.pdf", "description": ""}, {"name": "BrakTooth: Causing Havoc on Bluetooth Link Manager via Directed Fuzzing, 2022", "url": "https://www.usenix.org/system/files/sec22-garbelini.pdf", "description": ""}, {"name": "Fuzzing Hardware Like Software, 2022", "url": "https://www.usenix.org/system/files/sec22-trippel.pdf", "description": ""}, {"name": "Drifuzz: Harvesting Bugs in Device Drivers from Golden Seeds, 2022", "url": "https://www.usenix.org/system/files/sec22-shen-zekun.pdf", "description": ""}, {"name": "FuzzOrigin: Detecting UXSS vulnerabilities in Browsers through Origin Fuzzing, 2022", "url": "https://www.usenix.org/system/files/sec22-kim.pdf", "description": ""}, {"name": "TheHuzz: Instruction Fuzzing of Processors Using Golden-Reference Models for Finding Software-Exploitable Vulnerabilities, 2022", "url": "https://www.usenix.org/system/files/sec22-kande.pdf", "description": ""}, {"name": "MundoFuzz: Hypervisor Fuzzing with Statistical Coverage Testing and Grammar Inference, 2022", "url": "https://www.usenix.org/system/files/sec22-myung.pdf", "description": ""}, {"name": "Fuzzware: Using Precise MMIO Modeling for Effective Firmware Fuzzing, 2022", "url": "https://www.usenix.org/system/files/sec22-scharnowski.pdf", "description": ""}, {"name": "SyzScope: Revealing High-Risk Security Impacts of Fuzzer-Exposed Bugs in Linux kernel, 2022", "url": "https://www.usenix.org/system/files/sec22-zou.pdf", "description": ""}, {"name": "Morphuzz: Bending (Input) Space to Fuzz Virtual Devices, 2022", "url": "https://www.usenix.org/system/files/sec22-bulekov.pdf", "description": ""}, {"name": "Breaking Through Binaries: Compiler-quality 
Instrumentation for Better Binary-only Fuzzing, 2021", "url": "https://www.usenix.org/conference/usenixsecurity21/presentation/nagy", "description": ""}, {"name": "ICSFuzz: Manipulating I/Os and Repurposing Binary Code to Enable Instrumented Fuzzing in ICS Control Applications, 2021", "url": "https://www.usenix.org/conference/usenixsecurity21/presentation/tychalas", "description": ""}, {"name": "Android SmartTVs Vulnerability Discovery via Log-Guided Fuzzing, 2021", "url": "https://www.usenix.org/conference/usenixsecurity21/presentation/aafer", "description": ""}, {"name": "Constraint-guided Directed Greybox Fuzzing, 2021", "url": "https://www.usenix.org/conference/usenixsecurity21/presentation/lee-gwangmu", "description": ""}, {"name": "Nyx: Greybox Hypervisor Fuzzing using Fast Snapshots and Affine Types, 2021", "url": "https://www.usenix.org/conference/usenixsecurity21/presentation/schumilo", "description": ""}, {"name": "UNIFUZZ: A Holistic and Pragmatic Metrics-Driven Platform for Evaluating Fuzzers, 2021", "url": "https://www.usenix.org/conference/usenixsecurity21/presentation/li-yuwei", "description": ""}, {"name": "FANS: Fuzzing Android Native System Services via Automated Interface Analysis, 2020", "url": "https://www.usenix.org/conference/usenixsecurity20/presentation/liu", "description": ""}, {"name": "Analysis of DTLS Implementations Using Protocol State Fuzzing, 2020", "url": "https://www.usenix.org/conference/usenixsecurity20/presentation/fiterau-brostean", "description": ""}, {"name": "EcoFuzz: Adaptive Energy-Saving Greybox Fuzzing as a Variant of the Adversarial Multi-Armed Bandit, 2020", "url": "https://www.usenix.org/conference/usenixsecurity20/presentation/yue", "description": ""}, {"name": "Fuzzing Error Handling Code using Context-Sensitive Software Fault Injection, 2020", "url": "https://www.usenix.org/conference/usenixsecurity20/presentation/jiang", "description": ""}, {"name": "FuzzGen: Automatic Fuzzer Generation, 2020", "url": 
"https://www.usenix.org/conference/usenixsecurity20/presentation/ispoglou", "description": ""}, {"name": "ParmeSan: Sanitizer-guided Greybox Fuzzing, 2020", "url": "https://www.usenix.org/conference/usenixsecurity20/presentation/osterlund", "description": ""}, {"name": "SpecFuzz: Bringing Spectre-type vulnerabilities to the surface, 2020", "url": "https://www.usenix.org/conference/usenixsecurity20/presentation/oleksenko", "description": ""}, {"name": "FuzzGuard: Filtering out Unreachable Inputs in Directed Grey-box Fuzzing through Deep Learning, 2020", "url": "https://www.usenix.org/conference/usenixsecurity20/presentation/zong", "description": ""}, {"name": "Montage: A Neural Network Language Model-Guided JavaScript Engine Fuzzer, 2020", "url": "https://www.usenix.org/conference/usenixsecurity20/presentation/lee-suyoung", "description": ""}, {"name": "GREYONE: Data Flow Sensitive Fuzzing, 2020", "url": "https://www.usenix.org/conference/usenixsecurity20/presentation/gan", "description": ""}, {"name": "Fuzzification: Anti-Fuzzing Techniques, 2019", "url": "https://www.usenix.org/conference/usenixsecurity19/presentation/jung", "description": ""}, {"name": "AntiFuzz: Impeding Fuzzing Audits of Binary Executables, 2019", "url": "https://www.usenix.org/conference/usenixsecurity19/presentation/guler", "description": ""}, {"name": "Charm: Facilitating Dynamic Analysis of Device Drivers of Mobile Systems, 2018", "url": "https://www.usenix.org/conference/usenixsecurity18/presentation/talebi", "description": ""}, {"name": "MoonShine: Optimizing OS Fuzzer Seed Selection with Trace Distillation, 2018", "url": "https://www.usenix.org/conference/usenixsecurity18/presentation/pailoor", "description": ""}, {"name": "QSYM : A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing, 2018", "url": "https://www.usenix.org/conference/usenixsecurity18/presentation/yun", "description": ""}, {"name": "OSS-Fuzz - Google's continuous fuzzing service for open source software, 2017", 
"url": "https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/serebryany", "description": ""}, {"name": "kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels, 2017", "url": "https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/schumilo", "description": ""}, {"name": "Protocol State Fuzzing of TLS Implementations, 2015", "url": "https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/de-ruiter", "description": ""}, {"name": "Optimizing Seed Selection for Fuzzing, 2014", "url": "https://softsec.kaist.ac.kr/~sangkilc/papers/rebert-usenixsec14.pdf", "description": ""}, {"name": "Dowsing for overflows: a guided fuzzer to find buffer boundary violations, 2013", "url": "http://enigma.usenix.org/sites/default/files/sec13_proceedings_interior.pdf#page=57", "description": ""}, {"name": "Fuzzing with Code Fragments, 2012", "url": "https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final73.pdf", "description": ""}]}, {"name": "ACM Conference on Computer and Communications Security (ACM CCS)", "parent": "Papers", "entries": [{"name": "Fuzz on the Beach: Fuzzing Solana Smart Contracts, 2023", "url": "https://arxiv.org/pdf/2309.03006.pdf", "description": ""}, {"name": "NestFuzz: Enhancing Fuzzing with Comprehensive Understanding of Input Processing Logic, 2023", "url": "https://secsys.fudan.edu.cn/_upload/article/files/56/ed/788960544d56a38258aca7d3c8b5/216e599a-d6f6-4308-aa0b-ef45166a8431.pdf", "description": ""}, {"name": "Profile-Driven System Optimizations for Accelerated Greybox Fuzzing, 2023", "url": "https://users.cs.utah.edu/~snagy/papers/23CCS.pdf", "description": ""}, {"name": "Hopper: Interpretative Fuzzing for Libraries, 2023", "url": "https://arxiv.org/pdf/2309.03496.pdf", "description": ""}, {"name": "Greybox Fuzzing of Distributed Systems, 2023", "url": "https://arxiv.org/pdf/2305.02601.pdf", "description": ""}, {"name": "SpecDoctor: Differential Fuzz Testing 
to Find Transient Execution Vulnerabilities, 2022", "url": "https://compsec.snu.ac.kr/papers/jaewon-specdoctor.pdf", "description": ""}, {"name": "SFuzz: Slice-based Fuzzing for Real-Time Operating Systems, 2022", "url": "https://huhong789.github.io/papers/chen:sfuzz.pdf", "description": ""}, {"name": "MC^2: Rigorous and Efficient Directed Greybox Fuzzing, 2022", "url": "https://arxiv.org/pdf/2208.14530.pdf", "description": ""}, {"name": "LibAFL: A Framework to Build Modular and Reusable Fuzzers, 2022", "url": "https://www.s3.eurecom.fr/docs/ccs22_fioraldi.pdf", "description": ""}, {"name": "JIT-Picking: Differential Fuzzing of JavaScript Engines, 2022", "url": "https://publications.cispa.saarland/3773/1/2022-CCS-JIT-Fuzzing.pdf", "description": ""}, {"name": "DriveFuzz: Discovering Autonomous Driving Bugs through Driving Quality-Guided Fuzzing, 2022", "url": "https://chungkim.io/doc/ccs22-drivefuzz.pdf", "description": ""}, {"name": "SoFi: Reflection-Augmented Fuzzing for JavaScript Engines, 2021", "url": "https://dl.acm.org/doi/pdf/10.1145/3460120.3484823", "description": ""}, {"name": "T-Reqs: HTTP Request Smuggling with Differential Fuzzing, 2021", "url": "https://bahruz.me/papers/ccs2021treqs.pdf", "description": ""}, {"name": "V-SHUTTLE: Scalable and Semantics-Aware Hypervisor Fuzzing, 2021", "url": "https://nesa.zju.edu.cn/download/ppt/pgn_slides_V-SHUTTLE.pdf", "description": ""}, {"name": "Same Coverage, Less Bloat: Accelerating Binary-only Fuzzing with Coverage-preserving Coverage-guided Tracing, 2021", "url": "https://people.cs.vt.edu/snagy2/papers/21CCS.pdf", "description": ""}, {"name": "HyperFuzzer: An Efficient Hybrid Fuzzer For Virtual CPUs, 2021", "url": "https://www.microsoft.com/en-us/research/uploads/prod/2021/09/hyperfuzzer-ccs21.pdf", "description": ""}, {"name": "Regression Greybox Fuzzing, 2021", "url": "https://mboehme.github.io/paper/CCS21.pdf", "description": ""}, {"name": "Hardware Support to Improve Fuzzing Performance and Precision, 
2021", "url": "https://gts3.org/assets/papers/2021/ding:snap.pdf", "description": ""}, {"name": "SNIPUZZ: Black-box Fuzzing of IoT Firmware via Message Snippet Inference, 2021", "url": "https://arxiv.org/pdf/2105.05445.pdf", "description": ""}, {"name": "FREEDOM: Engineering a State-of-the-Art DOM Fuzzer, 2020", "url": "https://gts3.org/assets/papers/2020/xu:freedom.pdf", "description": ""}, {"name": "Intriguer: Field-Level Constraint Solving for Hybrid Fuzzing, 2019", "url": "https://dl.acm.org/citation.cfm?id=3354249", "description": ""}, {"name": "Learning to Fuzz from Symbolic Execution with Application to Smart Contracts, 2019", "url": "https://files.sri.inf.ethz.ch/website/papers/ccs19-ilf.pdf", "description": ""}, {"name": "Matryoshka: fuzzing deeply nested branches, 2019", "url": "https://web.cs.ucdavis.edu/~hchen/paper/chen2019matryoshka.pdf", "description": ""}, {"name": "Evaluating Fuzz Testing, 2018", "url": "http://www.cs.umd.edu/~mwh/papers/fuzzeval.pdf", "description": ""}, {"name": "Hawkeye: Towards a Desired Directed Grey-box Fuzzer, 2018", "url": "https://chenbihuan.github.io/paper/ccs18-chen-hawkeye.pdf", "description": ""}, {"name": "IMF: Inferred Model-based Fuzzer, 2017", "url": "http://daramg.gift/paper/han-ccs2017.pdf", "description": ""}, {"name": "SemFuzz: Semantics-based Automatic Generation of Proof-of-Concept Exploits, 2017", "url": "https://www.informatics.indiana.edu/xw7/papers/p2139-you.pdf", "description": ""}, {"name": "AFL-based Fuzzing for Java with Kelinci, 2017", "url": "https://dl.acm.org/citation.cfm?id=3138820", "description": ""}, {"name": "Designing New Operating Primitives to Improve Fuzzing Performance, 2017", "url": "http://iisp.gatech.edu/sites/default/files/images/designing_new_operating_primitives_to_improve_fuzzing_performance_vt.pdf", "description": ""}, {"name": "Directed Greybox Fuzzing, 2017", "url": "https://dl.acm.org/citation.cfm?id=3134020", "description": ""}, {"name": "SlowFuzz: Automated 
Domain-Independent Detection of Algorithmic Complexity Vulnerabilities, 2017", "url": "https://arxiv.org/pdf/1708.08437.pdf", "description": ""}, {"name": "DIFUZE: Interface Aware Fuzzing for Kernel Drivers, 2017", "url": "https://acmccs.github.io/papers/p2123-corinaA.pdf", "description": ""}, {"name": "Systematic Fuzzing and Testing of TLS Libraries, 2016", "url": "https://www.nds.rub.de/media/nds/veroeffentlichungen/2016/10/19/tls-attacker-ccs16.pdf", "description": ""}, {"name": "Coverage-based Greybox Fuzzing as Markov Chain, 2016", "url": "https://ieeexplore.ieee.org/abstract/document/8233151", "description": ""}, {"name": "eFuzz: A Fuzzer for DLMS/COSEM Electricity Meters, 2016", "url": "http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.817.5616&rep=rep1&type=pdf", "description": ""}, {"name": "Scheduling Black-box Mutational Fuzzing, 2013", "url": "https://softsec.kaist.ac.kr/~sangkilc/papers/woo-ccs13.pdf", "description": ""}, {"name": "Taming compiler fuzzers, 2013", "url": "https://www.cs.utah.edu/~regehr/papers/pldi13.pdf", "description": ""}, {"name": "SAGE: whitebox fuzzing for security testing, 2012", "url": "https://dl.acm.org/citation.cfm?id=2094081", "description": ""}, {"name": "Grammar-based whitebox fuzzing, 2008", "url": "https://dl.acm.org/citation.cfm?id=1375607", "description": ""}, {"name": "Taint-based directed whitebox fuzzing, 2009", "url": "https://dl.acm.org/citation.cfm?id=1555061", "description": ""}]}, {"name": "ArXiv (Fuzzing with Artificial Intelligence & Machine Learning)", "parent": "Papers", "entries": [{"name": "MEUZZ: Smart Seed Scheduling for Hybrid Fuzzing, 2020", "url": "https://arxiv.org/abs/2002.08568", "description": ""}, {"name": "A Review of Machine Learning Applications in Fuzzing, 2019", "url": "https://arxiv.org/abs/1906.11133", "description": ""}, {"name": "Evolutionary Fuzzing of Android OS Vendor System Services, 2019", "url": "https://arxiv.org/abs/1906.00621", "description": ""}, {"name": 
"MoonLight: Effective Fuzzing with Near-Optimal Corpus Distillation, 2019", "url": "https://arxiv.org/abs/1905.13055", "description": ""}, {"name": "Coverage-Guided Fuzzing for Deep Neural Networks, 2018", "url": "https://arxiv.org/abs/1809.01266", "description": ""}, {"name": "DLFuzz: Differential Fuzzing Testing of Deep Learning Systems, 2018", "url": "https://arxiv.org/abs/1808.09413", "description": ""}, {"name": "TensorFuzz: Debugging Neural Networks with Coverage-Guided Fuzzing, 2018", "url": "https://arxiv.org/abs/1807.10875", "description": ""}, {"name": "NEUZZ: Efficient Fuzzing with Neural Program Learning, 2018", "url": "https://arxiv.org/abs/1807.05620", "description": ""}, {"name": "EnFuzz: From Ensemble Learning to Ensemble Fuzzing, 2018", "url": "https://arxiv.org/abs/1807.00182", "description": ""}, {"name": "REST-ler: Automatic Intelligent REST API Fuzzing, 2018", "url": "https://arxiv.org/abs/1806.09739", "description": ""}, {"name": "Deep Reinforcement Fuzzing, 2018", "url": "https://arxiv.org/abs/1801.04589", "description": ""}, {"name": "Not all bytes are equal: Neural byte sieve for fuzzing, 2017", "url": "https://arxiv.org/abs/1711.04596", "description": ""}, {"name": "Faster Fuzzing: Reinitialization with Deep Neural Models, 2017", "url": "https://arxiv.org/abs/1711.02807", "description": ""}, {"name": "Learn&Fuzz: Machine Learning for Input Fuzzing, 2017", "url": "https://arxiv.org/abs/1701.07232", "description": ""}, {"name": "Complementing Model Learning with Mutation-Based Fuzzing, 2016", "url": "https://arxiv.org/abs/1611.02429", "description": ""}]}, {"name": "The others", "parent": "Papers", "entries": [{"name": "Fuzzle: Making a Puzzle for Fuzzers, 2022", "url": "https://softsec.kaist.ac.kr/~sangkilc/papers/lee-ase22.pdf", "description": ""}, {"name": "Ifuzzer: An evolutionary interpreter fuzzer using genetic programming, 2016", "url": "https://www.cs.vu.nl/~herbertb/download/papers/ifuzzer-esorics16.pdf", "description": ""}, 
{"name": "Hybrid fuzz testing: Discovering software bugs via fuzzing and symbolic execution, 2012", "url": "https://pdfs.semanticscholar.org/488a/b1e313f5109153f2c74e3b5d86d41e9b4b71.pdf", "description": ""}, {"name": "Call-Flow Aware API Fuzz Testing for Security of Windows Systems, 2008", "url": "https://www.computer.org/csdl/proceedings/iccsa/2008/3243/00/3243a019-abs.html", "description": ""}, {"name": "Feedback-directed random test generation, 2007", "url": "https://dl.acm.org/citation.cfm?id=1248841", "description": ""}, {"name": "MTF-Storm:a high performance fuzzer for Modbus/TCP, 2018", "url": "https://doi.org/10.1109/ETFA.2018.8502600", "description": ""}, {"name": "A Modbus/TCP Fuzzer for testing internetworked industrial systems, 2015", "url": "https://doi.org/10.1109/ETFA.2015.7301400", "description": ""}]}, {"name": "File", "parent": "Tools", "entries": [{"name": "AFL++", "url": "https://github.com/AFLplusplus/AFLplusplus", "description": "AFL++ is a superior fork to Google's AFL - more speed, more and better mutations, more and better instrumentation, custom module support, etc.", "stars": "4.1k"}, {"name": "Angora", "url": "https://github.com/AngoraFuzzer/Angora", "description": "Angora is a mutation-based coverage guided fuzzer. 
The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.", "stars": "882"}]}, {"name": "Kernel", "parent": "Tools", "entries": []}, {"name": "Network", "parent": "Tools", "entries": []}, {"name": "API", "parent": "Tools", "entries": [{"name": "IvySyn", "url": "https://gitlab.com/brown-ssl/ivysyn", "description": "IvySyn is a fully-automated framework for discovering memory error vulnerabilities in Deep Learning (DL) frameworks."}, {"name": "MINER", "url": "https://github.com/puppet-meteor/MINER", "description": "MINER is a REST API fuzzer that utilizes three data-driven designs working together to guide the sequence generation, improve the request generation quality, and capture the unique errors caused by incorrect parameter usage.", "stars": "21"}, {"name": "RestTestGen", "url": "https://github.com/SeUniVr/RestTestGen", "description": "RestTestGen is a robust tool and framework designed for automated black-box testing of RESTful web APIs.", "stars": "27"}, {"name": "GraphFuzz", "url": "https://github.com/ForAllSecure/GraphFuzz", "description": "GraphFuzz is an experimental framework for building structure-aware, library API fuzzers.", "stars": "7"}, {"name": "Minerva", "url": "https://github.com/ChijinZ/Minerva", "description": "Minerva is a browser fuzzer augmented by API mod-ref relations, aiming to synthesize highly-relevant browser API invocations in each test case.", "stars": "25"}, {"name": "FANS", "url": "https://github.com/iromise/fans", "description": "FANS is a fuzzing tool for fuzzing Android native system services. 
It contains four components: interface collector, interface model extractor, dependency inferer, and fuzzer engine.", "stars": "229"}]}, {"name": "JavaScript", "parent": "Tools", "entries": []}, {"name": "Firmware", "parent": "Tools", "entries": []}, {"name": "Hypervisor", "parent": "Tools", "entries": []}, {"name": "CPU", "parent": "Tools", "entries": [{"name": "DifuzzRTL", "url": "https://github.com/compsec-snu/difuzz-rtl", "description": "DifuzzRTL is a differential fuzz testing approach for CPU verification.", "stars": "59"}, {"name": "MorFuzz", "url": "https://github.com/sycuricon/MorFuzz", "description": "MorFuzz is a generic RISC-V processor fuzzing framework that can efficiently detect software triggerable functional bugs.", "stars": "10"}, {"name": "SpecFuzz", "url": "https://github.com/tudinfse/SpecFuzz", "description": "SpecFuzz is a tool to enable fuzzing for Spectre vulnerabilities", "stars": "28"}, {"name": "Transynther", "url": "https://github.com/vernamlab/Medusa", "description": "Transynther automatically generates and tests building blocks for Meltdown attacks with various faults and microcode assists.", "stars": "18"}]}, {"name": "Lib", "parent": "Tools", "entries": []}, {"name": "Web", "parent": "Tools", "entries": [{"name": "TEFuzz", "url": "https://github.com/seclab-fudan/TEFuzz/", "description": "TEFuzz is a tailored fuzzing-based framework to facilitate the detection and exploitation of template escape bugs.", "stars": "5"}, {"name": "Witcher", "url": "https://github.com/sefcom/Witcher", "description": "Witcher is a web application fuzzer that utilizes mutational fuzzing to explore web applications and fault escalation to detect command and SQL injection vulnerabilities.", "stars": "54"}, {"name": "CorbFuzz", "url": "https://github.com/shouc/corbfuzz", "description": "CorbFuzz is a state-aware fuzzer for generating as many responses from a web application as possible without needing to set up a database, etc.", "stars": "3"}]}, {"name": "DOM", 
"parent": "Tools", "entries": []}, {"name": "Argument", "parent": "Tools", "entries": []}, {"name": "Blockchain", "parent": "Tools", "entries": [{"name": "Fluffy", "url": "https://github.com/snuspl/fluffy", "description": "Fluffy is a multi-transaction differential fuzzer for finding consensus bugs in Ethereum.", "stars": "44"}, {"name": "LOKI", "url": "https://github.com/ConsensusFuzz/LOKI", "description": "LOKI is a blockchain consensus protocol fuzzing framework that detects consensus memory-related and logic bugs.", "stars": "7"}]}, {"name": "DBMS", "parent": "Tools", "entries": [{"name": "Squirrel", "url": "https://github.com/s3team/Squirrel", "description": "Squirrel is a fuzzer for database management systems (DBMSs).", "stars": "166"}]}], "name": ""}