fuzz

command
v0.28.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 2, 2026 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Overview

Command fuzz starts a fuzzing campaign for a randomly chosen fuzz target using gosentry (https://github.com/trailofbits/gosentry), Trail of Bits' Go-toolchain fork that runs `go test -fuzz` on top of LibAFL.

It scans the module for Go fuzz targets (func FuzzXxx(f *testing.F)), picks one at random, and invokes the gosentry toolchain with LibAFL enabled. The gosentry binary, fuzz duration, target selection, and the LibAFL knobs are all configurable via flags; any trailing arguments after `--` are passed through verbatim to `go test`.

Examples:

# Fuzz a random target for one minute with the default gosentry toolchain.
go run ./internal/cmd/fuzz -fuzztime=1m

# List every discovered target without running anything.
go run ./internal/cmd/fuzz -list

# Fuzz a specific target with grammar-based mutation.
go run ./internal/cmd/fuzz -target=FuzzManifestDecode -grammar=testdata/JSON.json

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL