A multi-platform fuzzer for poking at userland binaries and servers.
Litefuzz is meant to serve a purpose: fuzz and triage on all the major platforms, support both CLI/GUI apps, network clients and servers in order to find security-related bugs. It simplifies the process and makes it easy to discover security bugs in many different targets, across platforms, while just making a few honest trade-offs.
What it does:
- runs on linux, windows and mac and supports py2/py3
- fuzzes CLI/GUI binaries that read from files/stdin
- fuzzes network clients and servers, open source or proprietary, available to debug locally or remote
- diffs, minimization, replay, sorting and auto-triaging of crashes
- misc stuff like TLS support, golang binary fuzzing and some extras for Mac
- mutates input with various built-in mutators + pyradamsa (Linux)
- Local CLI/GUI apps that parse file formats or stdin
- Local CLI/GUI network client that parses server responses
- Local CLI network server that parses client requests
- Local GUI network server that parses client requests
- Remote CLI/GUI network client that parses server responses
- Remote CLI/GUI network server that parses client requests