CR · SE · Feb 4, 2021

FuzzSplore: Visualizing Feedback-Driven Fuzzing Techniques

arXiv:2102.02527v2 · 3 citations
AI Analysis

This tool helps security analysts and researchers to better understand and optimize fuzzing campaigns by providing visual insights into the performance of different fuzzing techniques.

This paper addresses the challenge of evaluating and comparing feedback-driven fuzzing techniques by proposing FuzzSplore, a visualization tool built on the AFL++ framework. FuzzSplore allows analysts to gain insights into different fuzzing configurations for a specific target, aiding in the selection and tuning of optimal techniques during a fuzzing campaign.

Fuzz Testing techniques are the state of the art in software testing for security issues nowadays. Their great effectiveness attracted the attention of researchers and hackers and involved them in developing a lot of new techniques to improve Fuzz Testing. The evaluation and the cross-comparison of these techniques is an almost open problem. In this paper, we propose a human-driven approach to this problem based on information visualization. We developed a prototype upon the AFL++ fuzzing framework, FuzzSplore, that an analyst can use to get useful insights about different fuzzing configurations applied to a specific target in order to choose or tune the best technique during a fuzzing campaign.
