Build a database of libc offsets to simplify exploitation

Binary, coverage-guided fuzzer for Windows, macOS, Linux and Android

Recent Fuzzing Paper

Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read

Syzygy Transformation Toolchain

AFL + DynamoRIO = fuzzing binaries with no source code on Linux

Code for the USENIX 2017 paper: kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels

A fork of AFL for fuzzing Windows binaries

afl-unicorn lets you fuzz any piece of binary that can be emulated by Unicorn Engine.

Directed Greybox Fuzzing with AFL

Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, PowerPC, RiscV, S390x, TriCore, X86)

AFLFast (extends AFL with Power Schedules)

Smart Greybox Fuzzing (https://thuanpv.github.io/publications/TSE19_aflsmart.pdf)

A linux system call fuzzer using TriforceAFL

AFL/QEMU fuzzing with full-system emulation.

Improving AFL by using Intel PT to collect branch information

This implements a 64-bit version of vusec/vuzzer fuzzing tool.

FANS: Fuzzing Android Native System Services

american fuzzy lop - a security-oriented fuzzer

ParmeSan: Sanitizer-guided Greybox Fuzzing

A self-hosted Fuzzing-As-A-Service platform

RetroWrite -- Retrofitting compiler passes through binary rewriting

A lightweight dynamic instrumentation library

DyninstAPI: Tools for binary instrumentation, analysis, and modification.

A static binary rewriter that does not use heuristics

QASan is a custom QEMU 3.1.1 that detects memory errors in the guest using AddressSanitizer.

syzkaller is an unsupervised coverage-guided kernel fuzzer

The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!