Awesome Fuzzers List

A curated list of fuzzing tools, frameworks, and resources categorized by fuzzing type, platform, and purpose.

Types of Fuzzers

• Dumb Fuzzer: No knowledge of data structure, generates random inputs.

  • Examples: Radamsa

• Generation Fuzzer: Generates inputs based on specifications or formats.

  • Examples: Peach, Sulley, Boofuzz

• Coverage Guided Fuzzer: Monitors code coverage and program flow with instrumentation.

  • Examples: Jazzer, AFL++

---

Dictionary-based Fuzzers

• p0dalirius HTTP Fuzzing Scripts
• RAFT Wordlists
• OpenDoor

---

Web Fuzzers

• LFI Fuzzer for Burp Suite
• Burp Suite Extensions
• FeroxFuzz
• Recollapse

---

Network Fuzzers

• Peach
• MedAudit
• Fuzzotron
• Sulley
• Boofuzz

---

All-in-One Resources

• The Art of Fuzzing
• Fuzzing 101

---

Fuzzing Frameworks

• Executable Simulation: Qiling Framework
• Extension Fuzzer: FormatFuzzer
• eBPF Fuzzer: Buzzer

---

Benchmarks and Vulnerable Programs

• Benchmark Fuzzers: Fuzzbench
• Vulnerable Programs: Damn Vulnerable C Program

---

Windows Fuzzing

• WTF Snapshot-based Fuzzer
• WinAFL

---

Linux Fuzzing

• AFL++
• NEUZZ
• Libfuzzer

---

Cross-platform Fuzzing

• kAFL
• Radamsa

---

Specialized Fuzzing

• CPU Fuzzing: Silifuzz
• Continuous Fuzzing: OSS-Fuzz
• Precompiled Fuzzers: Fuzztest, MemorySanitizer

---

Language-Specific Fuzzers

• Go: go-fuzz
• Rust: cargo-fuzz
• JavaScript: Jazzer.js, Fuzzilli
• Python: Atheris
• Java: Jazzer

---

Platform-Specific Fuzzing

• Android Fuzzing: Android Fuzzing
• Samsung & MediaTek Fuzzing: FirmWire

---

Browser Fuzzing

• Dharma
• Freedom
• BFuzz
• SaGe Browser Fuzzer

---

Blockchain Fuzzing

• Beaconfuzz Presentation

---

Books and Learning Resources

• Books: Fuzzing Against the Machine, Gray Hat Python
• Build Custom Fuzzers: Fuzzing Book