Sample code for a quick demo of go 1.18's fuzzing

Fuzzing in Go 1.18

What is it?

"Fuzzing is a type of automated testing which continuously manipulates inputs to a program to find bugs. Go fuzzing uses coverage guidance to intelligently walk through the code being fuzzed to find and report failures to the user. Since it can reach edge cases which humans often miss, fuzz testing can be particularly valuable for finding security exploits and vulnerabilities."

How does it work?

Demo time!

When does it make sense for you?

Good uses

Testing corner cases that you never thought of.

Limitations

You can't control the input, so it can be hard to test what should be an error, and what shouldn't.

Appendix

Tutorial https://tip.golang.org/doc/tutorial/fuzz

Installing go 1.18 https://tip.golang.org/doc/tutorial/fuzz#installing_beta

Slides https://docs.google.com/presentation/d/1v4Suf9dVbDZkjQsLMSrIX_MPXwFSXUyCyLv3sbjc968/edit?usp=sharing

Owner
David Lanouette
Principal Engineer @ Red Hat
David Lanouette
https://github.com/davidlanouette/gofuzz
Similar Resources

Terratest is a Go library that makes it easier to write automated tests for your infrastructure code.

Terratest is a Go library that makes it easier to write automated tests for your infrastructure code. It provides a variety of helper functions and patterns for common infrastructure testing tasks,

Dec 30, 2022

mockery - A mock code autogenerator for Golang

mockery - A mock code autogenerator for Golang

mockery - A mock code autogenerator for Golang

Jan 8, 2023

A Master list of Go Programming Tutorials, their write-ups, their source code and their current build status!

A Master list of Go Programming Tutorials, their write-ups, their source code and their current build status!

TutorialEdge TutorialEdge.net Go Tutorials 👩‍💻 👨‍💻 Welcome to the TutorialEdge Go Repository! The goal of this repo is to be able to keep track of

Dec 18, 2022

Automatically generate Go test boilerplate from your source code.

Automatically generate Go test boilerplate from your source code.

gotests gotests makes writing Go tests easy. It's a Golang commandline tool that generates table driven tests based on its target source files' functi

Jan 8, 2023

A library to aid unittesting code that uses Golang's Github SDK

go-github-mock A library to aid unittesting code that uses Golang's Github SDK Installation go get github.com/migueleliasweb/go-github-mock Features C

Dec 30, 2022

Just a quick demo of how you can use automatically generated protobuffer and gRPC code from buf.build

buf.build demo The purpose of this repository is to demonstrate how to use the services offered by buf.build for hosting protobuffer definitions and a

Jan 4, 2022

Sample code snippet to familiarize golang . Concept of goroutines , channels, concurrency is implemented in a sample scenario

go-mysql-goroutines-channel Sample code snippet to familiarize golang . Concept of goroutines , channels, concurrency , interface, slice, error handli

May 29, 2022

Auto-gen fuzzing wrappers from normal code. Automatically find buggy call sequences, including data races & deadlocks. Supports rich signature types.

fzgen fzgen auto-generates fuzzing wrappers for Go 1.18, optionally finds problematic API call sequences, can automatically wire outputs to inputs acr

Dec 23, 2022

Quick and dirty demo of cobra functionality

Cobra Demo Purpose Testing out how cobra CLI's are parsed. Overview To use this repo, you can run something like this (from the directory where you cl

Sep 26, 2022

Quick demo of Neo4j 4.4 new impersonation feature in Go

Neo4j 4.4 impersonation demo This is a simple application that demonstrates how to configure impersonation. Database setup Start a Neo4j server. On th

Dec 13, 2021

Go-generic-unboxing - A quick ready to ship demo for go generic using the official example

Go generic This repo contain basic demo for installing and running go1.18beta1 v

Feb 1, 2022

Elastic Stack Docker + Sample Go AppElastic Stack Docker + Sample Go App

Elastic Stack Docker + Sample Go AppElastic Stack Docker + Sample Go App

📶 Elastic Stack Docker + Sample Go App Test Elastic Stack which includes Elasticsearch, Kibana, Filebeat and Metricbeat. It comes with a very simple

Jan 14, 2022

EdgeDB-Golang-Docker-Sample - The sample of connection between EdgeDB Server and Go Echo API Server

EdgeDB Golang Docker Sample 『Go + Docker Composeを使ってEdgeDBを動かしてみた』のサンプルコードです。 使い

Nov 2, 2022

A generic fuzzing and delta-debugging framework

A generic fuzzing and delta-debugging framework

Tavor Tavor (Sindarin for woodpecker) is a framework for easily implementing and using fuzzing and delta-debugging. Its EBNF-like notation allows you

Dec 18, 2022

Hsuan-Fuzz: REST API Fuzzing by Coverage Level Guided Blackbox Testing

Hsuan-Fuzz: REST API Fuzzing by Coverage Level Guided Blackbox Testing

Hsuan-Fuzz: REST API Fuzzing by Coverage Level Guided Blackbox Testing Architecture Usage package main import ( restAPI "github.com/iasthc/hsuan-

Nov 30, 2022

Simple SQL table fuzzing

SQLfuzz Load random data into SQL tables for testing purposes. The tool can get the layout of the SQL table and fill it up with random data. Installat

Oct 31, 2022

Shfz - Scenario-based fuzzing test execution tool for web applications

Shfz - Scenario-based fuzzing test execution tool for web applications

shfz A scenario-based web application fuzzng tool that supports fuzz generation

Nov 9, 2022

This is just a repository to play around with Generics and Fuzzing, two big things coming with go 1.18!

This is just a repository to play around with Generics and Fuzzing, two big things coming with go 1.18!

Feb 6, 2022

Fuzzing concurrent Go programs

The code, analysis scripts and results for ASPLOS 2022 Artifact Evaluation Version: 1.2 Update: Jan 20, 2022 Paper: Who Goes First? Detecting Go Concu

Dec 15, 2022
Related tags
Testing Frameworks gofuzz
Hsuan-Fuzz: REST API Fuzzing by Coverage Level Guided Blackbox Testing
 Hsuan-Fuzz: REST API Fuzzing by Coverage Level Guided Blackbox Testing

Hsuan-Fuzz: REST API Fuzzing by Coverage Level Guided Blackbox Testing Architecture Usage package main import ( restAPI "github.com/iasthc/hsuan-

Nov 30, 2022
This is just a repository to play around with Generics and Fuzzing, two big things coming with go 1.18!

This is just a repository to play around with Generics and Fuzzing, two big things coming with go 1.18!

Feb 6, 2022
Fuzzing concurrent Go programs

The code, analysis scripts and results for ASPLOS 2022 Artifact Evaluation Version: 1.2 Update: Jan 20, 2022 Paper: Who Goes First? Detecting Go Concu

Dec 15, 2022
Test your code without writing mocks with ephemeral Docker containers 📦 Setup popular services with just a couple lines of code ⏱️ No bash, no yaml, only code 💻

Gnomock – tests without mocks ??️ Spin up entire dependency stack ?? Setup initial dependency state – easily! ?? Test against actual, close to product

Dec 29, 2022
Demo repository for Infrastructure as Code testing tools and frameworks.

Testing Infrastructure as Code Demo repository for Infrastructure as Code testing tools and frameworks. Maintainer M.-Leander Reimer (@lreimer), mario

Jan 23, 2022
Quick and easy expression matching for JSON schemas used in requests and responses

schema schema makes it easier to check if map/array structures match a certain schema. Great for testing JSON API's or validating the format of incomi

Dec 24, 2022
Quick and Easy server testing/validation
 Quick and Easy server testing/validation

Goss - Quick and Easy server validation Goss in 45 seconds Note: For an even faster way of doing this, see: autoadd Note: For testing docker container

Oct 7, 2022
Quick and dirty test to compare MySQL perf between ARM64 & Rosetta MySQL on M1Pro mac

Quick and dirty test to compare MySQL perf between ARM64 & Rosetta MySQL on M1Pro mac

Nov 5, 2021
Go-serverless-slack-app - This is a sample template for document_app_test

Go-serverless-slack-app - This is a sample template for document_app_test

Jan 21, 2022
Mutation testing for Go source code

go-mutesting go-mutesting is a framework for performing mutation testing on Go source code. Its main purpose is to find source code, which is not cove

Dec 28, 2022