OneFuzz

OneFuzz is a cross-platform free and open source fuzz testing framework by Microsoft.[1] The software enables continuous developer-driven fuzz testing to identify weaknesses in computer software prior to release.[2]

OneFuzz
Other namesProject OneFuzz
Developer(s)Microsoft
Initial releaseSeptember 18, 2020 (2020-09-18)
Stable release
6.3.0 / January 25, 2023 (2023-01-25)
Repositorygithub.com/microsoft/onefuzz
Written inRust, Python
Operating systemWindows, Linux
PlatformCross-platform
TypeFuzzer
LicenseMIT License
Websitewww.microsoft.com/en-us/research/project/project-onefuzz/

Overview

OneFuzz is a self-hosted fuzzing-as-a-service platform that automates the detection of software bugs that could be security issues.[1] It supports Windows and Linux.[2]

Notable features include composable fuzzing workflows, built-in ensemble fuzzing, programmatic triage and result de-duplication, crash reporting notification callbacks, and on-demand live-debugging of found crashes.[3][2] The command-line interface client is written in Python 3, and targets Python 3.7 and up.[4]

Microsoft uses the OneFuzz testing framework to probe Edge, Windows and other products at the company.[1] It replaced the previous Microsoft Security Risk Detection software testing mechanism.[2]

The source code was released on September 18, 2020.[1] It is licensed under MIT License and hosted on GitHub.[5]

See also

References

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.