explaingit

google/fuzzing

3,760C++Audience · developerComplexity · 1/5Setup · easy

TLDR

A community-maintained collection of guides and tutorials about fuzzing, a software testing technique that feeds programs random inputs to find crashes and security vulnerabilities, hosted by Google.

Mindmap

mindmap
  root((Google Fuzzing))
    What it is
      Guides and tutorials
      Community resource
      Fuzzing education
    Tools covered
      OSS-Fuzz
      ClusterFuzz
      FuzzBench
    Topics
      Why fuzzing matters
      Good test targets
      Input handling
    Audience
      Developers
      Security researchers
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

Things people build with this

USE CASE 1

Learn how to start fuzzing your own software by following the getting-started guides

USE CASE 2

Understand what makes a good fuzz test target to improve your security testing coverage

USE CASE 3

Compare fuzzing tools like OSS-Fuzz and FuzzBench to pick the right one for your project

Tech stack

C++

Getting it running

Difficulty · easy Time to first run · 30min

In plain English

This is a community resource hosted by Google for people who want to learn about fuzzing, a software testing technique where a program is fed large amounts of random or semi-random input to find crashes and security vulnerabilities. It is not a tool you run, it is a collection of guides, tutorials, and discussion material. The repository contains documentation covering why fuzzing matters, how to get started, what makes a good test target, and how to handle different types of input. There are also guides on specific fuzzing tools used in practice. The project links to several related Google tools: OSS-Fuzz runs automated fuzzing on open source software continuously, ClusterFuzz provides the underlying infrastructure for large-scale fuzzing, and FuzzBench lets teams compare how well different fuzzers perform. External contributions are welcome. The README notes clearly that this is not an official Google product, so it is a community-oriented resource rather than a supported commercial offering.

Copy-paste prompts

Prompt 1
Using the guidance from google/fuzzing, help me write a fuzz test for a C++ function that parses user-supplied JSON input
Prompt 2
What kinds of programs are best suited for fuzzing and how do I pick an entry point for my fuzzing target based on google/fuzzing recommendations?
Prompt 3
Explain the difference between OSS-Fuzz, ClusterFuzz, and FuzzBench as described in google/fuzzing and tell me which one I should use to fuzz my open-source project
Prompt 4
Based on google/fuzzing best practices, review my fuzz test harness and suggest improvements to maximize the chance of finding bugs
Open on GitHub → Explain another repo

← google on gitmyhub — every repo by this author, as a profile.

Verify against the repo before relying on details.