A repository for top fuzzing works in the literature.
I did not co-author, and do not own the rights to, any of the papers in this repository. If you have questions about a particular work, I recommend you reach out to one of the authors directly. Otherwise, feel free to report issues or create PRs if you see any blatant errors in my summaries, or if you think I missed some works. Please do not request a paper from a venue that is not in the first tier of computer security conference rankings, unless that paper has a lot of citations.
- NTFUZZ: Enabling Type-Aware Kernel Fuzzing on Windows with Static Binary Analysis (2021)
- STOCHFUZZ: Sound and Cost-effective Fuzzing of Stripped Binaries by Incremental and Stochastic Rewriting (2021)
- IJON: Exploring Deep State Spaces via Fuzzing (2020)
- Fuzzing JavaScript Engines with Aspect-preserving Mutation (2020)
- Full-Speed Fuzzing: Reducing Fuzzing Overhead through Coverage-Guided Tracing (2019)
- ProFuzzer: On-the-fly Input Type Probing for Better Zero-day Vulnerability Discovery (2019)
- NEUZZ: Efficient Fuzzing with Neural Program Smoothing (2019)
- Fuzzing File Systems via Two-Dimensional Input Space Exploration (2019)
- Angora: Efficient Fuzzing by Principled Search (2018)
- T-Fuzz: Fuzzing by Program Transformation (2018)
- CollAFL: Path Sensitive Fuzzing (2018)
- Skyfire: Data-Driven Seed Generation for Fuzzing (2017)
- Regression Greybox Fuzzing (2021)
- FREEDOM: Engineering a State-of-the-Art DOM Fuzzer (2020)
- Matryoshka: Fuzzing Deeply Nested Branches (2019)
- Intriguer: Field-Level Constraint Solving for Hybrid Fuzzing (2019)
- Evaluating Fuzz Testing (2018)
- Hawkeye: Towards a Desired Directed Grey-box Fuzzer (2018)
- Directed Greybox Fuzzing (2017)
- SemFuzz: Semantics-based Automatic Generation of Proof-of-Concept Exploits (2017)
- SlowFuzz: Automated Domain-Independent Detection of Algorithmic Complexity Vulnerabilities (2017)
- Designing New Operating Primitives to Improve Fuzzing Performance (2017)
- IMF: Inferred Model-based Fuzzer (2017)
- Coverage-based Greybox Fuzzing as Markov Chain (2016)
- Systematic Fuzzing and Testing of TLS Libraries (2016)
- NYX: Greybox Hypervisor Fuzzing using Fast Snapshots and Affine Types (2021)
- Constraint-guided Directed Greybox Fuzzing (2021)
- ICSFuzz: Manipulating I/Os and Repurposing Binary Code to Enable Instrumented Fuzzing in ICS Control Applications (2021)
- Breaking Through Binaries: Compiler-quality Instrumentation for Better Binary-only Fuzzing (2021)
- ParmeSan: Sanitizer-guided Greybox Fuzzing (2020)
- FuzzGen: Automatic Fuzzer Generation (2020)
- Fuzzing Error Handling Code using Context-Sensitive Software Fault Injection (2020)
- Analysis of DTLS Implementations Using Protocol State Fuzzing (2020)
- FANS: Fuzzing Android Native System Services via Automated Interface Analysis (2020)
- FuzzGuard: Filtering out Unreachable Inputs in Directed Grey-box Fuzzing through Deep Learning (2020)
- GREYONE: Data Flow Sensitive Fuzzing (2020)
- Grimoire: Synthesizing Structure while Fuzzing (2019)
- MoonShine: Optimizing OS Fuzzer Seed Selection with Trace Distillation (2018)
- QSYM: A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing (2018)
- kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels (2017)
- OSS-Fuzz: Google's Continuous Fuzzing Service for Open Source Software (2017)
- Reinforcement Learning-based Hierarchical Seed Scheduling for Greybox Fuzzing (2021)
- HFL: Hybrid Fuzzing on the Linux Kernel (2020)
- Not All Coverage Measurements Are Equal: Fuzzing by Coverage Accounting for Input Prioritization (2020)
- HotFuzz: Discovering Algorithmic Denial-of-Service Vulnerabilities Through Guided Micro-Fuzzing (2020)
- HYPER-CUBE: High-Dimensional Hypervisor Fuzzing (2020)
- REDQUEEN: Fuzzing with Input-to-State Correspondence (2019)
- IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing (2018)
- What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices (2018)
- VUzzer: Application-aware Evolutionary Fuzzing (2017)
- Driller: Augmenting Fuzzing Through Selective Symbolic Execution (2016)