Top Rating
- Top Contributors
  Discover the Top Open Source contributors by country or by language
- Interviews
  Discover real stories from Open Source developers
Discover

Discover your Favorite Language
Discover the top trending repositories and projects on Github. Explore the latest trends in your preferred languages.

Zig

CoffeeScript

C

Scala

C#

Shell

Lua

Ruby

More Languages
Awesome

Awesome repositories
Discover the most awesome repositories and projects of your favorite languages. Inspired by the Awesome-* lists trend in GitHub.

TypeScript

R

C++

Python

Lua

PHP

Go

Java

More Languages
By Country

Rankings by Country
Discover the community of talented open source contributors in each country.

🇧🇷 Brazil

🇰🇲 Comoros

🇸🇪 Sweden

🇰🇾 Cayman Islands

🇹🇼 Taiwan

🇹🇬 Togo

🇬🇵 Guadeloupe

🇲🇼 Malawi

All Countries Compare Countries

MozillaSecurity/octo

Stars
116
Rank 302,098 (Top 6 %)
Language
JavaScript
License
Mozilla Public Li...
Created over 7 years ago
Updated 7 months ago

MozillaSecurity/octo

MozillaSecurity

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

A fuzzing library in JavaScript. ✨

A unified shared library which aids in building fuzzers for browsers or as complement for an already existing fuzzing framework.

Octo.js bundles core functions and generic boilerplate code commonly used in most frameworks for fuzzing browsers. It is designed for the sharing of improvements between our individual fuzzers, and with the purpose of reducing the maintainability of those core features with minimal effort.

Octo's future aims to be a stable, well-tested and well-documented standard library for fuzzing in a JavaScript environment.

Table of Contents

Table of Contents

Playbook

https://npm.runkit.com/@mozillasecurity/octo

Usage in Node

yarn add @mozillasecurity/octo

const { random, make } = require("@mozillasecurity/octo");
random.init();

// Common Operations
make.number.any();
make.text.any();

// WebCrypto
make.crypto.randomAlgorithm();

// WebGL
make.webgl.randomSamplerParameter();

Take a look into the API documentation for further use cases.

Usage in the Browser

yarn install
yarn build

A bundled production build (octo.js) is placed into the local dist directory.

Development

yarn lint
yarn test
yarn build

Testing

Octo.js uses Jest for testing. Each directory should contain a __tests__ folder containing the tests.

yarn test

API Documentation

https://mozillasecurity.github.io/octo

or

yarn docs

What do the developers say?

Divide-by-zero in [@webrtc::I420Buffer::CropAndScaleFrom]

Impressive that the fuzzer found such a high multiple of 65536. I'd expect it to start with common edge cases like -1, 0, 1, etc.

funfuzz

A collection of fuzzers in a harness for testing the SpiderMonkey JavaScript engine.

fuzzdata

Fuzzing resources for feeding various fuzzers with input. 🔧

dharma

Generation-based, context-free grammar fuzzer. Refer to https://github.com/posidron/dharma for a maintained version.

peach

Peach is a fuzzing framework which uses a DSL for building fuzzers and an observer based architecture to execute and monitor them.

grizzly

A cross-platform browser fuzzing framework

FuzzManager

A fuzzing management tools collection

lithium

Line-based testcase reducer

libfuzzer-python-bridge

A Python3 bridge for implementing custom libFuzzer mutators

orion

CI/CD pipeline for building and publishing multiple 🐳 containers as microservices within a mono repository.

quokka

Quokka is a utility to launch and monitor application for faults.

fuzzfetch

Downloader for Firefox/jsshell builds for fuzzing.

ffpuppet

A Python module that aids in the automation of Firefox at the process level

avalanche

Avalanche is a document generator which uses context-free grammars to generate randomized outputs for fuzz-testing.

laniakea

Laniakea is a utility for managing instances at various cloud providers and aids in setting up a fuzzing cluster.

virgo

Crowdsourced fuzzing cluster. 🚀

framboise

Framboise is a fuzzer for in-depth testing of WebAPIs.

ec2SpotPrices

[Deprecated and unmaintained] Uses boto to retrieve current spot instance prices on Amazon EC2.

corpus-replicator

A corpus generation tool

domfuzz

DOM fuzzers - not maintained anymore

snapshot-fuzzing

Custom Agent and Tooling for using Nyx with Firefox

marifuzz

[Deprecated and unmaintained] A user interaction fuzzer for Firefox OS, based on the Marionette framework.

site-scout

prefpicker

Manage & generate prefs.js files

bugmon

Automatic analysis of SpiderMonkey and Firefox bugs on Bugzilla

openh264fuzz

A lightweight fuzzer for the encoder and decoder of OpenH264

autobisect

Automatic Bisection Firefox and SpiderMonkey Bugs

faulty

Bucket repository of infrastructure and managment scripts for fuzzing IPC Protocol Definition Language (IPDL) protocols.

dolly

A Cookiecutter project template for projects in Python.

orangfuzz

[Deprecated and unmaintained] An experimental UI fuzzer based on the orangutan framework for Firefox OS devices

reachable

Repository for Project Reachable

photon

A utility for managing RAM disks.

hedwig

Hedwig is a commit monitor for GitHub using the GitHub REST API.

hermes

Hermes is the codename for the integrated Message Manager fuzzer in Firefox.

guided-fuzzing-daemon

mozilla-build-configs

Build configurations of Firefox for Fuzzing and Sanitizer builds.

fuzzing-tc

Code for Taskcluster Tasks in Fuzzing

psbootstrap

psbootstrap assists in creating files needed to bootstrap a Windows machine for Mozilla development in EC2.

fuzzpriv

bugmon-tc

Tools for running Bugmon in TaskCluster