Documentation
¶
Overview ¶
Command fuzz starts a fuzzing campaign for a randomly chosen fuzz target using gosentry (https://github.com/trailofbits/gosentry), Trail of Bits' Go-toolchain fork that runs `go test -fuzz` on top of LibAFL.
It scans the module for Go fuzz targets (func FuzzXxx(f *testing.F)), picks one at random, and invokes the gosentry toolchain with LibAFL enabled. The gosentry binary, fuzz duration, target selection, and the LibAFL knobs are all configurable via flags; any trailing arguments after `--` are passed through verbatim to `go test`.
Examples:
# Fuzz a random target for one minute with the default gosentry toolchain. go run ./internal/cmd/fuzz -fuzztime=1m # List every discovered target without running anything. go run ./internal/cmd/fuzz -list # Fuzz a specific target with grammar-based mutation. go run ./internal/cmd/fuzz -target=FuzzManifestDecode -grammar=testdata/JSON.json
Click to show internal directories.
Click to hide internal directories.