OWASP WSFuzzerOWASP
|
||||||
Related Products
|
||||||
About
The Fuzzbuzz workflow is very similar to other CI/CD testing workflows. However, unlike other testing workflows, fuzz testing requires multiple jobs to run simultaneously, which results in a few extra steps. Fuzzbuzz is a fuzz testing platform. We make it trivial for developers to add fuzz tests to their code and run them in CI/CD, helping them catch critical bugs and vulnerabilities before they hit production. Fuzzbuzz completely integrates into your environment, following you from the terminal to CI/CD. Write a fuzz test in your environment and use your own IDE, terminal, or build tools. Push to CI/CD and Fuzzbuzz will automatically start running your fuzz tests against your latest code changes. Get notified when bugs are found through Slack, GitHub, or email. Catch regressions as new changes are automatically tested and compared to previous runs. Code is built and instrumented by Fuzzbuzz as soon as a change is detected.
|
About
Fuzz testing or fuzzing is a software testing technique, that basically consists in finding implementation bugs using malformed/semi-malformed data injection in an automated fashion. Let’s consider an integer in a program, which stores the result of a user’s choice between 3 questions. When the user picks one, the choice will be 0, 1, or 2, which makes three practical cases. Integers are stored as a static size variable. If the default switch case hasn’t been implemented securely, the program may crash and lead to “classical” security issues. Fuzzing is the art of automatic bug finding, and its role is to find software implementation faults and identify them if possible. A fuzzer is a program that automatically injects semi-random data into a program/stack and detects bugs. The data-generation part is made of generators, and vulnerability identification relies on debugging tools. Generators usually use combinations of static fuzzing vectors.
|
|||||
Platforms Supported
Windows
Mac
Linux
Cloud
On-Premises
iPhone
iPad
Android
Chromebook
|
Platforms Supported
Windows
Mac
Linux
Cloud
On-Premises
iPhone
iPad
Android
Chromebook
|
|||||
Audience
Developers in search of a solution to add fuzz tests to their code
|
Audience
Professional users looking for a solution to find bugs automatically
|
|||||
Support
Phone Support
24/7 Live Support
Online
|
Support
Phone Support
24/7 Live Support
Online
|
|||||
API
Offers API
|
API
Offers API
|
|||||
Screenshots and Videos |
Screenshots and Videos |
|||||
Pricing
Free
Free Version
Free Trial
|
Pricing
No information available.
Free Version
Free Trial
|
|||||
Reviews/
|
Reviews/
|
|||||
Training
Documentation
Webinars
Live Online
In Person
|
Training
Documentation
Webinars
Live Online
In Person
|
|||||
Company InformationFuzzbuzz
United States
github.com/fuzzbuzz
|
Company InformationOWASP
United States
owasp.org/www-community/Fuzzing
|
|||||
Alternatives |
Alternatives |
|||||
|
|
|
|||||
|
|
||||||
|
|
|
|||||
|
|
|
|||||
Categories |
Categories |
|||||
Integrations
Bitbucket
C
C++
CI Fuzz
Debian
Git
GitHub
GitLab
Go
LibFuzzer
|
Integrations
Bitbucket
C
C++
CI Fuzz
Debian
Git
GitHub
GitLab
Go
LibFuzzer
|
|||||
|
|
|