Getting Started

Overview

CI Fuzz is a software system consisting of a fuzzing backend and a user interface. The backend relies on a Docker infrastructure to encapsulate tasks such as building, running, and monitoring components. The user interacts with the system through a command line interface (CLI) or via the CI Fuzz extension for Visual Studio Code.

CI Fuzz contains three main components:

  • CI-Daemon : The CI-Daemon (also referred to as the CI-Server) is responsible for backend tasks such as compiling the project, managing fuzz targets, and operating the Docker infrastructure. It interacts with the CI-Client and the user interface.
  • CI-Client : The CI-Client is the command line interface used to initialize, build, and run fuzzers.
  • User-Interface : The CI Fuzz extension for Visual Studio Code helps the user create and manage fuzz targets and reproduce crashes.

Key features of CI Fuzz are:

  • Starting, stopping, and monitoring fuzzing processes in an encapsulated Docker environment on the user's machine
  • Integration into existing build environments
  • Combination of different fuzzers for better results (higher code coverage, finding critical bugs)
  • Macros for fuzz targets that consume grammar-based inputs (JSON, XML), structs, or network sockets
  • Support for socket fuzzing
  • Supported languages : Java (JVM), Scala, Groovy, Kotlin, Clojure, C/C++, Objective-C, Assembly, Rust, and Go
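As an added example (not code from the CI Fuzz project or its documentation), here is what a C fuzz target for a struct-based input looks like when written against the libFuzzer entry-point convention, which CI Fuzz is assumed here to build and run for C/C++ projects. The message format, `parse_message`, and `build_message` are hypothetical and constructed for this example; the helper macros the feature list mentions are deliberately not used, so the target also compiles and runs on its own.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Hypothetical code under test (constructed for this example): a fixed-layout
 * message header followed by a payload. The layout is 8 bytes with no padding. */
typedef struct {
    uint8_t  version;      /* must be 1 */
    uint8_t  flags;        /* unused here */
    uint16_t payload_len;  /* declared payload length, in bytes */
    uint32_t checksum;     /* additive checksum over the payload bytes */
} msg_header_t;

/* Returns 0 when the message is accepted, a negative code otherwise.
 * The parser must never read beyond `size`, whatever payload_len claims:
 * the missing bounds check on line -3 is exactly the bug class a fuzzer finds. */
int parse_message(const uint8_t *data, size_t size) {
    msg_header_t hdr;
    if (size < sizeof hdr)
        return -1;                              /* truncated header */
    memcpy(&hdr, data, sizeof hdr);             /* copy out: no unaligned access */
    if (hdr.version != 1)
        return -2;                              /* unsupported version */
    if (hdr.payload_len > size - sizeof hdr)
        return -3;                              /* declared length exceeds buffer */
    uint32_t sum = 0;
    for (size_t i = 0; i < hdr.payload_len; i++)
        sum += data[sizeof hdr + i];
    return sum == hdr.checksum ? 0 : -4;        /* checksum mismatch */
}

/* libFuzzer-style entry point. The engine calls this once per generated input;
 * CI Fuzz is assumed here to build and run such targets for C/C++ projects. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    parse_message(data, size);
    return 0;   /* libFuzzer reserves non-zero return values */
}

/* Builds a well-formed message into `out`; returns bytes written, or 0 if
 * `cap` is too small. Useful for seeding a corpus and for the self-check below. */
size_t build_message(uint8_t *out, size_t cap,
                     const uint8_t *payload, uint16_t len) {
    msg_header_t hdr = { .version = 1, .flags = 0,
                         .payload_len = len, .checksum = 0 };
    for (uint16_t i = 0; i < len; i++)
        hdr.checksum += payload[i];
    if (cap < sizeof hdr + len)
        return 0;
    memcpy(out, &hdr, sizeof hdr);
    memcpy(out + sizeof hdr, payload, len);
    return sizeof hdr + len;
}

/* Exercises the parser on a valid message and on the truncation, version,
 * over-long length and checksum corruptions a fuzzer typically generates.
 * Returns the number of expectations that held (5 when everything works). */
int run_checks(void) {
    uint8_t buf[64];
    const uint8_t payload[] = { 1, 2, 3 };   /* constructed sample payload */
    size_t n = build_message(buf, sizeof buf, payload, 3);
    int ok = 0;
    ok += (n == 11 && parse_message(buf, n) == 0);        /* valid message */
    ok += (parse_message(buf, 5) == -1);                  /* truncated header */
    buf[0] = 2; ok += (parse_message(buf, n) == -2); buf[0] = 1;
    ok += (parse_message(buf, n - 1) == -3);              /* length > buffer */
    buf[n - 1] ^= 1; ok += (parse_message(buf, n) == -4); /* bad checksum */
    return ok;
}

#ifndef FUZZING   /* compile with -DFUZZING -fsanitize=fuzzer so libFuzzer supplies main */
int main(void) {
    int passed = run_checks();
    printf("checks passed: %d/5\n", passed);
    return passed == 5 ? 0 : 1;
}
#endif
```

Built plainly (`cc target.c`) the stand-alone `main` runs the self-check; built with `-DFUZZING -fsanitize=fuzzer` (a clang flag, assumed here as the way a libFuzzer engine is linked in) the engine supplies its own `main` and drives `LLVMFuzzerTestOneInput`. The point worth carrying over to real targets is the check against the declared `payload_len`: without it, a length field larger than the buffer turns into an out-of-bounds read that a sanitizer-instrumented fuzz run reports within seconds.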