ClusterFuzz

ClusterFuzz is a scalable fuzzing infrastructure which finds security and stability issues in software.

It is used by Google for fuzzing the Chrome Browser, and serves as the fuzzing backend for OSS-Fuzz.

ClusterFuzz provides many features which help seamlessly integrate fuzzing into a software project's development process:

Highly scalable. Google's internal instance runs on over 25,000 machines.
Accurate deduplication of crashes.
Fully automatic bug filing and closing for issue trackers (Monorail only for now).
Testcase minimization.
Regression finding through bisection.
Statistics for analyzing fuzzer performance, and crash rates.
Easy to use web interface for management and viewing crashes.
Support for coverage guided fuzzing (e.g. libFuzzer and AFL) and blackbox fuzzing.

Overview

You can find detailed documentation here.

As of January 2019, ClusterFuzz has found ~16,000 bugs in Chrome and ~11,000 bugs in over 160 open source projects integrated with OSS-Fuzz.

You can file an issue to ask questions, request features, or ask for help.

Name		Name	Last commit message	Last commit date
Latest commit History 140 Commits
bot		bot
configs/test		configs/test
docker		docker
docs		docs
local		local
resources		resources
src		src
.bowerrc		.bowerrc
.coveragerc		.coveragerc
.gitignore		.gitignore
.pylintrc		.pylintrc
.style.yapf		.style.yapf
CHANGELOG.md		CHANGELOG.md
CONTRIBUTING.md		CONTRIBUTING.md
LICENSE		LICENSE
PRESUBMIT.py		PRESUBMIT.py
README.md		README.md
__init__.py		__init__.py
bower.json		bower.json
butler.py		butler.py
cloudbuild.yaml		cloudbuild.yaml