What is a fuzzing dictionary?

A fuzzing dictionary is a text file containing quoted strings or key-value pairs that represent meaningful tokens for a target application, helping fuzzers bypass early validation checks.

Why should I use a dictionary instead of random fuzzing?

Random fuzzing often gets stuck at the parser level; dictionaries provide the specific 'magic bytes' or keywords needed to reach deeper, more complex code paths.

Which fuzzers are compatible with this skill?

This skill provides guidance for industry-standard tools including libFuzzer, AFL++, cargo-fuzz, and manual seeding strategies for Go-fuzz.

Does AFL++ support automatic dictionary generation?

Yes, when using the afl-clang-lto compiler, AFL++ can automatically extract dictionary entries from string comparisons at compile time.

How do I generate a dictionary file?

Dictionaries can be generated via LLM prompts, extracted from C/C++ header files using grep, or pulled from binary files using the strings utility.

Fuzzing Dictionary Generator

Name: Fuzzing Dictionary Generator
Author: trailofbits

bytrailofbits

•

938

セキュリティとテスト

Guides fuzzing engines toward deep code paths by providing domain-specific tokens and protocol-specific keywords.

概要

The Fuzzing Dictionary skill empowers security researchers and developers to enhance their software testing workflows by utilizing structured tokens, magic bytes, and protocol commands. Instead of relying solely on random mutations, this skill provides the expertise to create and implement dictionary files that help tools like libFuzzer and AFL++ bypass initial validation checks. It is particularly useful when auditing complex parsers, network protocols, or file format handlers where blind mutation often fails to reach deeper logic.

主な機能

Guidance on hex escapes and non-printable character handling
Optimization strategies for dictionary size and fuzzer performance
Automated extraction of keywords from header files and binary strings
Support for major fuzzing engines including libFuzzer, AFL++, and cargo-fuzz
Domain-specific token generation for complex parsers
938 GitHub stars

ユースケース

Testing file format parsers for PNG or PDF files for memory safety issues
Enhancing code coverage in configuration file parsers like YAML, JSON, and TOML
Fuzzing network protocols like HTTP or DNS to find security vulnerabilities

概要

主な機能

Guidance on hex escapes and non-printable character handling
Optimization strategies for dictionary size and fuzzer performance
Automated extraction of keywords from header files and binary strings
Support for major fuzzing engines including libFuzzer, AFL++, and cargo-fuzz
Domain-specific token generation for complex parsers
938 GitHub stars

ユースケース

Testing file format parsers for PNG or PDF files for memory safety issues
Enhancing code coverage in configuration file parsers like YAML, JSON, and TOML
Fuzzing network protocols like HTTP or DNS to find security vulnerabilities