-
Notifications
You must be signed in to change notification settings - Fork 37
Q&A
Q: Is Grizzly required to reproduce issues that it finds?
A: No. Test cases are intended to be standalone. If problems arise make sure the browser build type is correct and the browser is configured correctly (prefs.js).
Q: Can multiple Grizzly instances be run in parallel?
A: Yes, if your Adapter is multi-process safe, Grizzly is too.
Q: Firefox crashes immediately on launch. What should I do?
A: Verify that the build works standalone and make sure to use a up-to-date prefs.js. PrefPicker can be used to generate prefs.js files for fuzzing.
Q: Which OSs are supported?
A: Currently Linux, MacOS and Windows are supported. Android support is under development.
Q: Which builds are best for fuzzing?
A: ASan builds are typically the best to start with. They can be found here or better yet use fuzzfetch.
Q: Are the Firefox bugs found by Grizzly eligible for a bug bounty?
A: Yes. See the full details here.
Q: Does Grizzly work with browsers other than Firefox?
A: Grizzly is meant to be browser agnostic. At the moment we only provide a Target to work with Firefox. Adding support for other browsers via a Target is possible and encouraged.
Q: Does Grizzly support tools/fuzzers written in languages other than Python?
A: Yes. See here for an example.
Q: How do I get an aggregate report for fuzzing instances?
A: python3 -m grizzly.common.status_reporter --system-report
Q: Can I fuzz other applications that are not browsers, such as the JS shell, etc?
A: No. Grizzly had been built specifically to handle the complexities of browser fuzzing.