FuzzingPaper
FuzzingPaper is a curated repository collecting recent academic papers on fuzzing research, organized by publication venue and year. It serves as a reference hub for developers and researchers interested in fuzzing techniques, coverage-guided testing, and vulnerability discovery across multiple domains (kernels, compilers, web apps, IoT, blockchain).
Key facts
Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.
| Field | Value |
|---|---|
| Repository | wcventure/FuzzingPaper |
| Owner | wcventure |
| Primary language | Unknown |
| License | MIT — OSI-approved |
| Stars | 2.8k |
| Forks | 370 |
| Open issues | 0 |
| Latest release | Unknown |
| Last updated | 2026-03-19 |
| Source | https://github.com/wcventure/FuzzingPaper |
What FuzzingPaper is
A documentation/curation project (not a tool) that aggregates peer-reviewed fuzzing research from top-tier venues (CCS, SP, ASIACCS, ISSTA, FSE) spanning 2024–2025. Papers cover directed greybox fuzzing, LLM-assisted fuzzing, differential testing, binary analysis, protocol fuzzing, and domain-specific approaches (firmware, WebAssembly, 5G RAN, smart contracts).
Get the FuzzingPaper source
Clone the repository and explore it locally.
git clone https://github.com/wcventure/FuzzingPaper.gitcd FuzzingPaper# follow the project's README for install & configurationNeed it deployed, integrated, or customized instead? DEV.co ships production installs.
Best use cases
Implementation considerations
- This is a curation/reference resource, not deployable software. Integration is reading/browsing papers or programmatically parsing the markdown/JSON for literature automation.
- Paper links are external (ACM Digital Library, arXiv, IEEE). Accessing paywalled venues may require institutional subscription or author preprints.
- Organization is by publication venue and year; no taxonomy by problem domain, tool, or technique maturity. Manual navigation or secondary classification needed for targeted searches.
- No API, structured metadata, or machine-readable format provided beyond markdown. Automated ingestion would require custom parsing or external citation tools.
- Accuracy and completeness depend on community contribution; no automated validation of paper links, metadata, or relevance. Stale or broken links possible over time.
When to avoid it — and what to weigh
- Need a Runnable Fuzzing Tool — FuzzingPaper is a paper collection only; it does not provide executable code, frameworks, or libraries. Use it for research insight, not direct vulnerability scanning.
- Require Production-Ready Implementations — This repository is not a software library or tool distribution. Papers describe techniques; actual implementations must be sourced from respective authors or dedicated fuzzing projects (libFuzzer, AFL, Syzkaller, etc.).
- Need Long-Term Maintenance & Support — Contribution-driven curation with no explicit SLA or support model. Updates depend on community PRs and maintainer availability; not suitable for compliance-critical documentation requirements.
- Seeking Hands-On Tutorials or Deployment Guides — Focused on academic paper links and metadata; lacks implementation tutorials, installation guides, or deployment walkthroughs. Expect to consult original papers and external tool repos.
License & commercial use
MIT License (Massachusetts Institute of Technology License). Permissive OSI-approved license allowing unrestricted use, modification, and distribution for any purpose, provided original copyright and license notice are retained.
MIT License permits commercial use without restriction or royalty. No license barrier to commercial distribution, derivative works, or incorporation into commercial products. However, verify that external paper links (ACM, IEEE, arXiv) respect academic copyright and access terms independently.
DEV.co evaluation signals
Editorial assessment — not user reviews. Directional, with an explicit confidence level.
| Signal | Assessment |
|---|---|
| Maintenance | Active |
| Documentation | Adequate |
| License clarity | Clear |
| Deployment complexity | Low |
| DEV.co fit | Possible |
| Assessment confidence | High |
Not applicable. FuzzingPaper is a metadata/paper collection, not executable code or a service. No authentication, cryptography, or injection surfaces. GitHub repository access follows standard public repository security. However, users should verify the integrity and authenticity of external paper links (ACM, arXiv) before trusting research results or adopting techniques in production systems.
Alternatives to consider
ACM Digital Library / IEEE Xplore (Direct Search)
Provides authoritative, indexed access to all papers with advanced filtering by conference, year, keyword. Better for complex queries but requires subscriptions; no curation benefit.
arXiv (cs.CR / cs.SE Categories)
Free preprints of many published papers with RSS feeds and search. Good for researchers but lacks domain-specific grouping by fuzzing venue or methodology.
Fuzzing Tools Repositories (libFuzzer, AFL, Syzkaller, etc.)
If seeking executable fuzzing implementations rather than research references. These provide runnable code, benchmarks, and community support for practical fuzzing deployment.
Build on FuzzingPaper with DEV.co software developers
Use FuzzingPaper to evaluate state-of-the-art fuzzing techniques. Our team can help you implement custom fuzzing strategies, select tools for your domain, and integrate vulnerability detection into your CI/CD. Contact us for a security engineering consultation.
Talk to DEV.coRelated open-source tools
Surfaced by semantic similarity across the DEV.co open-source index.
Related on DEV.co
Explore the category and the services that help you build with it.
FuzzingPaper FAQ
Can I use papers from this repo in my security audit or vulnerability program?
Is there a structured API to query papers by domain, technique, or tool?
How current is this collection? Are 2025 papers included?
Can I deploy or run this as a tool or service?
Software developers & web developers for hire
DEV.co is a software development agency delivering custom software development services to companies building on open source. Our software developers and web developers design, integrate, and ship production systems — spanning web development, APIs, AI, data, and cloud. If FuzzingPaper is part of your open-source testing roadmap, our team can implement, customize, migrate, and maintain it.
Build Smarter Fuzzing into Your Security Pipeline
Use FuzzingPaper to evaluate state-of-the-art fuzzing techniques. Our team can help you implement custom fuzzing strategies, select tools for your domain, and integrate vulnerability detection into your CI/CD. Contact us for a security engineering consultation.