Fuzzing: a survey for roadmap
Fuzz testing (fuzzing) has witnessed its prosperity in detecting security flaws recently. It
generates a large number of test cases and monitors the executions for defects. Fuzzing has …
Fuzzing vulnerability discovery techniques: Survey, challenges and future directions
C Beaman, M Redbourne, JD Mummery, S Hakak - Computers & Security, 2022 - Elsevier
Fuzzing is a powerful tool for vulnerability discovery in software, with much progress being
made in the field in recent years. There is limited literature available on the fuzzing …
AFLNet: a greybox fuzzer for network protocols
Server fuzzing is difficult. Unlike simple command-line tools, servers feature a massive state
space that can be traversed effectively only with well-defined sequences of input messages …
Libafl: A framework to build modular and reusable fuzzers
The release of AFL marked an important milestone in the area of software security testing,
revitalizing fuzzing as a major research topic and spurring a large number of research …
Seed selection for successful fuzzing
Mutation-based greybox fuzzing---unquestionably the most widely-used fuzzing technique---
relies on a set of non-crashing seed inputs (a corpus) to bootstrap the bug-finding process …
Ijon: Exploring deep state spaces via fuzzing
Although current fuzz testing (fuzzing) methods are highly effective, there are still many
situations such as complex state machines where fully automated approaches fail. State-of …
Nyx: Greybox hypervisor fuzzing using fast snapshots and affine types
A hypervisor (also known as virtual machine monitor, VMM) enforces the security boundaries
between different virtual machines (VMs) running on the same physical machine. A …
Montage: A neural network language Model-Guided JavaScript engine fuzzer
JavaScript (JS) engine vulnerabilities pose significant security threats affecting billions of
web browsers. While fuzzing is a prevalent technique for finding such vulnerabilities, there …
JIT-picking: Differential fuzzing of JavaScript engines
L Bernhard, T Scharnowski, M Schloegel… - Proceedings of the …, 2022 - dl.acm.org
Modern JavaScript engines that power websites and even full applications on the Web are
driven by the need for an increasingly fast and snappy user experience. These engines use …
Frankenstein: Advanced wireless fuzzing to exploit new bluetooth escalation targets
Wireless communication standards and implementations have a troubled history regarding
security. Since most implementations and firmwares are closed-source, fuzzing remains one …