
OneFuzz is a cross-platform free and open source fuzz testing framework by Microsoft. The software enables continuous developer-driven fuzz testing to identify weaknesses in computer software prior to release.


Overview

OneFuzz is a self-hosted fuzzing-as-a-service platform that automates the detection of software bugs that could be security issues. It supports Windows and Linux. Notable features include composable fuzzing workflows, built-in ensemble fuzzing, programmatic triage and result de-duplication, crash reporting notification callbacks, and on-demand live-debugging of found crashes. The command-line interface client is written in Python 3, and targets Python 3.7 and up. Microsoft uses the OneFuzz testing framework to probe Edge, Windows and other products at the company. It replaced the previous Microsoft Security Risk Detection software testing mechanism. The source code was released on September 18, 2020. It is licensed under the MIT License and hosted on GitHub. On August 31, 2023, it was announced that development would be coming to an end. On November 1, 2023, the GitHub project was archived.


See also

* Test automation
* Random testing
* American fuzzy lop (fuzzer)
* DynamoRIO
* Pin (computer program)


External links

* Microsoft announces new Project OneFuzz framework, an open source developer tool to find and fix bugs at scale