4 repository-uri
Generating new test inputs based on code coverage metrics to explore new execution paths.
Distinct from Code Coverage Analysis: Distinct from general coverage analysis: it uses the analysis as a feedback loop to drive input mutation.
Explore 4 awesome GitHub repositories matching testing & quality assurance · Coverage-Guided Mutation. Refine with filters or upvote what's useful.
AFL++ is a coverage-guided fuzzing framework that discovers crashes and hangs in software by mutating inputs while tracking which code paths are exercised. It functions as both a fuzzing engine and a campaign manager, supporting targets with or without source code through compile-time instrumentation, dynamic binary instrumentation, and emulation. The framework includes tools for crash triage and analysis, test case minimization, and campaign deployment across local or distributed environments. The framework distinguishes itself through its breadth of instrumentation backends, allowing users
Combines deterministic, havoc, and custom mutators with power schedules to maximize coverage.
Syzkaller is an unsupervised, coverage-guided kernel fuzzer that automatically generates and mutates system call sequences to find bugs in operating system kernels. It operates without human intervention, using a closed feedback loop of input generation, execution, crash detection, and corpus refinement to continuously explore kernel code paths. The fuzzer distinguishes itself by supporting multiple operating system kernels, including Linux, FreeBSD, and Windows, through per-platform syscall harnesses that abstract system call interfaces behind a common driver. It uses declarative description
Generates and mutates sequences of system calls, using kernel code coverage feedback to prioritise inputs that reach new execution paths.
go-fuzz este un instrument de testare randomizată ghidat de acoperire (coverage-guided) pentru identificarea crash-urilor și a bug-urilor de logică în codul Go. Acesta constă într-un fuzzer care evoluează input-urile aleatorii pe baza căilor de execuție a codului, un instrument de instrumentare care produce binare pentru urmărirea acoperirii și un manager de corpus de semințe (seed corpus). Instrumentul utilizează instrumentarea binară la momentul compilării pentru a monitoriza acoperirea ramurilor și folosește o buclă de mutație bazată pe feedback pentru a prioritiza input-urile care ajung în secțiuni noi ale bazei de cod. Include capabilități pentru testarea diferențială comparativă pentru a identifica erorile de logică prin executarea unor implementări diferite ale aceleiași logici cu același input randomizat. Sistemul gestionează generarea de input-uri randomizate pentru a testa sub stres parserele de formate complexe și oferă utilitare pentru minimizarea și deduplicarea corpusurilor de semințe. Poate exporta arhive instrumentate pentru execuție în cadrul unui motor de fuzzing pe Linux.
Uses code coverage metrics as a feedback loop to mutate and evolve inputs for deeper exploration.
AFL is a coverage-guided fuzzer and security vulnerability scanner used to identify software bugs and memory corruption by feeding programs mutated data. It functions as a binary instrumentation tool and a test case minimizer to locate crashes and isolate the smallest set of bytes causing a fault. The project distinguishes itself through its ability to operate as a parallel fuzzing orchestrator, distributing workloads across multiple CPU cores or networked machines. It utilizes dictionary-based mutation for complex file formats and performs input sensitivity analysis to identify critical sect
Generates new test inputs by mutating existing seeds and keeping those that increase observed code coverage.