About Fandango

Welcome to Fandango! Fandango is a generator of inputs and interactions for software testing. Given the specification of a program’s input or interaction language, Fandango quickly generates myriads of valid sample inputs for testing.

The specification language combines a grammar with constraints written in Python, so it is extremely expressive and flexible. Most notably, you can define your own testing goals in Fandango. If you need the inputs to have particular values or distributions, you can express all these right away in Fandango.

Fandango supports multiple modes of operation:

• By default, Fandango operates as a black-box fuzzer - that is, it creates inputs from a .fan Fandango specification file.

• If you have sample inputs, Fandango can mutate these to obtain more realistic inputs.

• Fandango can also produce interactions for protocol fuzzing - that is, it acts as a client or server producing and reacting to interactions according to specification.

Fandango comes as a portable Python program and can easily be run on a large variety of platforms.

Under the hood, Fandango uses sophisticated evolutionary algorithms to produce inputs, it starts with a population of random inputs, and evolves these through mutations and cross-over until they fulfill the given constraints.

Fandango is in active development! Features planned for 2026 include:

• coverage-guided testing

• code-directed testing

• high diversity inputs

and many more.

The Fandango Paper

To learn more about how Fandango works, start with the ISSTA 2025 paper “FANDANGO: Evolving Language-Based Testing” by Zamudio Amaya, Smytzek, and Zeller [ZASZ25]:

To cite this paper, use this BibTeX reference:

@article{zamudio2025fandango,
author = {Zamudio Amaya, Jos\'{e} Antonio and Smytzek, Marius and Zeller, Andreas},
title = {{FANDANGO}: {E}volving Language-Based Testing},
year = {2025},
issue_date = {July 2025},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
volume = {2},
number = {ISSTA},
url = {https://doi.org/10.1145/3728915},
doi = {10.1145/3728915},
abstract = {Language-based fuzzers leverage formal input specifications (languages) to generate arbitrarily large and diverse sets of valid inputs for a program under test. Modern language-based test generators combine grammars and constraints to satisfy syntactic and semantic input constraints. ISLA, the leading input generator in that space, uses symbolic constraint solving to solve input constraints. Using solvers places ISLA among the most precise fuzzers but also makes it slow.    In this paper, we explore search-based testing as an alternative to symbolic constraint solving. We employ a genetic algorithm that iteratively generates candidate inputs from an input specification, evaluates them against defined constraints, evolving a population of inputs through syntactically valid mutations and retaining those with superior fitness until the semantic input constraints are met. This evolutionary procedure, analogous to natural genetic evolution, leads to progressively improved inputs that cover both semantics and syntax. This change boosts the efficiency of language-based testing: In our experiments, compared to ISLA, our search-based FANDANGO prototype is faster by one to three orders of magnitude without sacrificing precision.    The search-based approach no longer restricts constraints to constraint solvers' (miniature) languages. In FANDANGO, constraints can use the whole Python language and library. This expressiveness gives testers unprecedented flexibility in shaping test inputs. It allows them to state arbitrary goals for test generation: ''Please produce 1,000 valid test inputs where the voltage field follows a Gaussian distribution but never exceeds 20 mV.''},
journal = {Proc. ACM Softw. Eng.},
month = jun,
articleno = {ISSTA040},
numpages = {23},
keywords = {Language-based testing, fuzzing, test generation}
}

Note that the first author’s first name is “José Antonio”, and his last name is “Zamudio Amaya”.

Link to Fandango

To link to Fandango, use its official URL:

https://fandango-fuzzer.github.io

Read More

The core idea of Fandango, namely combining grammars and constraints, was introduced as language-based software testing by Steinhöfel and Zeller [SteinhofelZ24] and first implemented in the ISLa framework [SteinhofelZ22]. Both of these laid the foundation for Fandango.

The work on Fandango is funded by the ERC S3 project “Semantics of Software Systems”; the S3 grant proposal (available via the above link) lists several ideas that have been realized in Fandango (and a few more).

The work on Fandango is also related to mining grammars from programs and inputs. Important works in the field include Bettscheider and Zeller [BZ24], Gopinath, Mathis, and Zeller [GMZ20], Schröder and Cito [SchroderC22], and Kulkarni, Lemieux, and Sen [KLS22].

[BZ24]

Leon Bettscheider and Andreas Zeller. Look ma, no input samples! mining input grammars from code with symbolic parsing. In Companion Proceedings of the 32nd ACM International Conference on the Foundations of Software Engineering, FSE 2024, 522–526. New York, NY, USA, 2024. Association for Computing Machinery. URL: https://doi.org/10.1145/3663529.3663790, doi:10.1145/3663529.3663790.

[GMZ20]

Rahul Gopinath, Björn Mathis, and Andreas Zeller. Mining input grammars from dynamic control flow. In Proceedings of the 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, ESEC/FSE 2020, 172–183. New York, NY, USA, 2020. Association for Computing Machinery. URL: https://doi.org/10.1145/3368089.3409679, doi:10.1145/3368089.3409679.

[HZ20]

Nikolas Havrikov and Andreas Zeller. Systematically covering input structure. In Proceedings of the 34th IEEE/ACM International Conference on Automated Software Engineering, ASE '19, 189–199. IEEE Press, 2020. URL: https://doi.org/10.1109/ASE.2019.00027, doi:10.1109/ASE.2019.00027.

[KLS22]

Neil Kulkarni, Caroline Lemieux, and Koushik Sen. Learning highly recursive input grammars. In Proceedings of the 36th IEEE/ACM International Conference on Automated Software Engineering, ASE '21, 456–467. IEEE Press, 2022. URL: https://doi.org/10.1109/ASE51524.2021.9678879, doi:10.1109/ASE51524.2021.9678879.

[SchroderC22]

Michael Schröder and Jürgen Cito. Grammars for free: toward grammar inference for ad hoc parsers. In Proceedings of the ACM/IEEE 44th International Conference on Software Engineering: New Ideas and Emerging Results, ICSE-NIER '22, 41–45. New York, NY, USA, 2022. Association for Computing Machinery. URL: https://doi.org/10.1145/3510455.3512787, doi:10.1145/3510455.3512787.

[SteinhofelZ22]

Dominic Steinhöfel and Andreas Zeller. Input invariants. In Proceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, ESEC/FSE 2022, 583–594. New York, NY, USA, 2022. Association for Computing Machinery. URL: https://doi.org/10.1145/3540250.3549139, doi:10.1145/3540250.3549139.

[SteinhofelZ24]

Dominic Steinhöfel and Andreas Zeller. Language-based software testing. Commun. ACM, 67(4):80–84, March 2024. URL: https://doi.org/10.1145/3631520, doi:10.1145/3631520.

[ZASZ25]

José Antonio Zamudio Amaya, Marius Smytzek, and Andreas Zeller. FANDANGO: Evolving language-based testing. Proc. ACM Softw. Eng., June 2025. URL: https://doi.org/10.1145/3728915, doi:10.1145/3728915.

Acknowledgments

Fandango is a project of the CISPA Helmholtz Center for Information Security to facilitate highly efficient and highly customizable software testing.

This research was funded by the European Union (ERC “Semantics of Software Systems”, S3, 101093186). Views and opinions expressed are however those of the authors only and do not necessarily reflect those of the European Union or the European Research Council. Neither the European Union nor the granting authority can be held responsible for them.