Home

Awesome

ClusterFuzz

<p align="center"> <img src="docs/images/logo.png" width="400"> </p>

OpenSSF Scorecard

ClusterFuzz is a scalable fuzzing infrastructure that finds security and stability issues in software.

Google uses ClusterFuzz to fuzz all Google products and as the fuzzing backend for OSS-Fuzz.

ClusterFuzz provides many features which help seamlessly integrate fuzzing into a software project's development process:

Overview

<p align="center"> <img src="docs/images/overview.png"> </p>

Documentation

You can find detailed documentation here.

Trophies

As of February 2023, ClusterFuzz has found ~27,000 bugs in Google (e.g. Chrome). Additionally, ClusterFuzz has helped identify and fix over 8,900 vulnerabilities and 28,000 bugs across 850 projects integrated with OSS-Fuzz.

Getting Help

You can file an issue to ask questions, request features, or ask for help.

Staying Up to Date

We will use clusterfuzz-announce(#)googlegroups.com to make announcements about ClusterFuzz.

ClusterFuzzLite

For a more lightweight version of ClusterFuzz that runs on CI/CD systems, check out ClusterFuzzLite.