CI Fuzz
CI Fuzz is command line tool for creating Fuzz Tests. CI Fuzz enables developers to identify bugs and vulnerabilities early in the testing process. It connects to the source code and analyzes code when executed, unlike static analysis tools (SAST). This ensures zero false positives - every flagged issue represents an actual bug in the running code.
All uncovered bugs are pinpointed to the exact line of code in the repository and accompanied by inputs that triggered an issue and clear actions to remediate those. So you can quickly identify the root cause, start fixing them, and release features faster.
Features
- Easily setup, create, and run Fuzz Tests
- Generate coverage reports that can be integrated in your IDE
- Supports multiple programming languages and build systems
Languages and build systems
CI Fuzz directly supports the following language and build system combinations:
- C/C++ - CMake, Bazel
- Java - Maven, Gradle
- Javascript/Typescript - NodeJS
CI Fuzz also provides general support for other C/C++ build systems, like Make.