3 repository-uri
Using predefined sets of keywords or magic tokens to guide the mutation of complex file formats.
Distinct from Entry Mutations: Candidates refer to data structure dictionaries or state mutations in UI/DB contexts, not fuzzer mutation strategies.
Explore 3 awesome GitHub repositories matching security & cryptography · Dictionary-Based Mutations. Refine with filters or upvote what's useful.
ClusterFuzz is an automated platform that runs coverage-guided fuzzers at scale to find security and stability bugs in software. It orchestrates libFuzzer and AFL++ across distributed clusters of worker bots, collecting coverage feedback to guide input mutation and discover crashes. The platform provides a web-based dashboard for configuring fuzzing jobs, monitoring progress, and inspecting crash reports, with role-based access control to restrict sensitive features. The system automates the full fuzzing lifecycle, from build pipeline integration and corpus management to crash triage and bug
Uses predefined token dictionaries to guide mutation of structured input formats during fuzzing.
AFL is a coverage-guided fuzzer and security vulnerability scanner used to identify software bugs and memory corruption by feeding programs mutated data. It functions as a binary instrumentation tool and a test case minimizer to locate crashes and isolate the smallest set of bytes causing a fault. The project distinguishes itself through its ability to operate as a parallel fuzzing orchestrator, distributing workloads across multiple CPU cores or networked machines. It utilizes dictionary-based mutation for complex file formats and performs input sensitivity analysis to identify critical sect
Improves mutation efficiency for complex file formats by using specific keywords or magic tokens as seeds.
This project is a comprehensive software fuzzing knowledge base and technical guide designed for discovering software bugs and vulnerabilities. It serves as a resource for implementing coverage-guided, structure-aware, and hybrid fuzzing across various targets, including compiled binaries and hardware kernels. The resource provides specialized guidance on using grammars and defined data formats to generate syntactically valid inputs for complex APIs. It also details methods for combining grey-box fuzzing with symbolic execution to reach deep execution paths and utilizes binary instrumentation
Demonstrates how to use predefined dictionaries of tokens to bypass complex validation checks in target applications.