Fuzzing with Fandango#
Fuzzing with Fandango
Fandango produces myriads of high-quality random inputs to test programs, giving users unprecedented control over format and shape of the inputs.
Specify the format of your input data in a single file, combining grammars (for input syntax) and constraints (for arbitrary input features). Constraints come as Python code, so there are no limits to what you can specify.
Produce valid inputs at high speeds, from hundreds to thousands of inputs per second, quickly covering the entire input space. Test with extreme and uncommon values, uncovering bugs before your users do.
Create textual and binary inputs, using bit fields and bit sequences. Use regular expressions for quick and easy specifications. Make use of existing samples to obtain realistic inputs.
Fandango is a project of the CISPA Helmholtz Center for Information Security to facilitate highly efficient and highly customizable software testing.
This research was funded by the European Union (ERC “Semantics of Software Systems”, S3, 101093186). Views and opinions expressed are however those of the authors only and do not necessarily reflect those of the European Union or the European Research Council. Neither the European Union nor the granting authority can be held responsible for them.