Google made its scalable fuzzing tool, called ClusterFuzz available as open source, yesterday. ClusterFuzz is used by Google for fuzzing the Chrome Browser, a technique that helps detect bugs in software by feeding unexpected inputs to a target program. For fuzzing to be effective, it should be continuous, done at scale, and integrated into the development process of a software project.
ClusterFuzz can run on clusters with over 25,000 machines and can effectively highlight security and stability issues in software. It serves as the fuzzing backend for OSS-Fuzz, a service that Google released back in 2016. ClusterFuzz was earlier offered as free service to open source projects through OSS-Fuzz but is now available for anyone to use.
ClusterFuzz comes with a variety of features that help integrate fuzzing into a software project's development process. Here are some of the key features in ClusterFuzz:
- Helps with accurate deduplication of crashes.
- Comes with a fully automatic bug filing and closing for issue trackers.
- Includes statistics for analyzing fuzzer performance, and crash rates.
Unlock access to the largest independent learning library in Tech for FREE!
Get unlimited access to 7500+ expert-authored eBooks and video courses covering every tech area you can think of.
Renews at $19.99/month. Cancel anytime
- Comprises easy-to-use web interface for management and viewing crashes.
ClusterFuzz has so far tracked more than 16,000 bugs in Chrome and over 11,000 bugs in more than 160 open source projects integrated with OSS-Fuzz. ClusterFuzz can detect bugs hours after they have been introduced and is capable of verifying the fix within a day.
“We developed ClusterFuzz over eight years to fit seamlessly into developer workflows, and to make it dead simple to find bugs and get them fixed. Through open sourcing ClusterFuzz, we hope to encourage all software developers to integrate fuzzing into their workflows.”, states the ClusterFuzz team members.
For more information, check out the ClusterFuzz’s official GitHub repository.
Google expands its Blockchain search tools, adds six new cryptocurrencies in BigQuery Public Datasets
Transformer-XL: A Google architecture with 80% longer dependency than RNNs
Google News Initiative partners with Google AI to help ‘deep fake’ audio detection research
United States
United Kingdom
India
Germany
France
Canada
Russia
Spain
Brazil
Australia
Argentina
Austria
Belgium
Bulgaria
Chile
Colombia
Cyprus
Czechia
Denmark
Ecuador
Egypt
Estonia
Finland
Greece
Hungary
Indonesia
Ireland
Italy
Japan
Latvia
Lithuania
Luxembourg
Malaysia
Malta
Mexico
Netherlands
New Zealand
Norway
Philippines
Poland
Portugal
Romania
Singapore
Slovakia
Slovenia
South Africa
South Korea
Sweden
Switzerland
Taiwan
Thailand
Turkey
Ukraine
