AFL++ is a coverage-guided fuzzing framework that discovers crashes and hangs in software by mutating inputs while tracking which code paths are exercised. It functions as both a fuzzing engine and a campaign manager, supporting targets with or without source code through compile-time instrumentation, dynamic binary instrumentation, and emulation. The framework includes tools for crash triage and analysis, test case minimization, and campaign deployment across local or distributed environments. The framework distinguishes itself through its breadth of instrumentation backends, allowing users
AFL is a coverage-guided fuzzer and security vulnerability scanner used to identify software bugs and memory corruption by feeding programs mutated data. It functions as a binary instrumentation tool and a test case minimizer to locate crashes and isolate the smallest set of bytes causing a fault. The project distinguishes itself through its ability to operate as a parallel fuzzing orchestrator, distributing workloads across multiple CPU cores or networked machines. It utilizes dictionary-based mutation for complex file formats and performs input sensitivity analysis to identify critical sect
Syzkaller is an unsupervised, coverage-guided kernel fuzzer that automatically generates and mutates system call sequences to find bugs in operating system kernels. It operates without human intervention, using a closed feedback loop of input generation, execution, crash detection, and corpus refinement to continuously explore kernel code paths. The fuzzer distinguishes itself by supporting multiple operating system kernels, including Linux, FreeBSD, and Windows, through per-platform syscall harnesses that abstract system call interfaces behind a common driver. It uses declarative description
OSS-Fuzz is a distributed, containerized platform for continuous fuzzing and memory safety analysis. It functions as a bug hunting infrastructure that identifies security vulnerabilities and stability bugs through automated, coverage-guided fuzz testing across a scalable cluster of containers. The system provides a continuous security testing pipeline that manages the entire lifecycle of vulnerability discovery, from bootstrapping project templates and compiling targets to executing long-running batch tests. It specifically focuses on memory safety, utilizing sanitizers to detect buffer overf