Honggfuzz Logo

Honggfuzz

0
Free
Visit Website

A security oriented, feedback-driven, evolutionary, easy-to-use fuzzer with interesting analysis options. See the Usage document for a primer on Honggfuzz use. Latest stable version: 2.6 Changelog Installation: sudo apt-get install binutils-dev libunwind-dev libblocksruntime-dev clang make Features: - It's multi-process and multi-threaded: there's no need to run multiple copies of your fuzzer, as honggfuzz can unlock potential of all your available CPU cores with a single running instance. - The file corpus is automatically shared and improved between all fuzzed processes. - It's blazingly fast when the persistent fuzzing mode is used. A simple/empty LLVMFuzzerTestOneInput function can be tested with up to 1mo iterations per second on a relatively modern CPU (e.g. i7-6700K). - Has a solid track record of uncovered security bugs: the only (to the date) vulnerability in OpenSSL with the critical score mark was discovered by honggfuzz. See the Trophies paragraph for the summary of findings to the date. - Uses low-level interfaces to monitor processes (e.g. ptrace under Linux and NetBSD). As opposed to other fuzzers, it will discover and report hijacked/ignored signals.

FEATURES

ALTERNATIVES

Community project for developing common guidelines and best practices for secure configurations.

A tool to easily automate and multithread your pentesting and bug bounty workflow without any coding

SecGen creates vulnerable virtual machines and hacking challenges for learning security penetration testing techniques.

Command-line tool for downloading APKs from Appland platform.

Real-time capture the flag (CTF) scoring engine for computer wargames with a fun game-like environment for learning cybersecurity skills.

A comprehensive guide for implementing best practices in cybersecurity across various systems.

YARA plugin for Sublime Text with syntax highlighting and snippets.

Kubernetes security platform with industry standard open source utilities for securing Kubernetes clusters and apps.