ClusterFuzz is a scalable fuzzing infrastructure that finds security and stability issues in software.
Google uses ClusterFuzz to fuzz all Google products and as the fuzzing backend for OSS-Fuzz.
ClusterFuzz provides many features to seamlessly integrate fuzzing into a software project’s development process:
- Highly scalable. Can run on any size cluster (e.g. Google’s instance runs on 30,000 VMs).
- Accurate deduplication of crashes.
- Fully automatic bug filing, triage and closing for various issue trackers (e.g. Monorail, Jira).
- Supports multiple coverage guided fuzzing engines (libFuzzer, AFL++ and Honggfuzz) for optimal results (with ensemble fuzzing and fuzzing strategies).
- Support for blackbox fuzzing.
- Testcase minimization.
- Regression finding through bisection.
- Statistics for analyzing fuzzer performance, and crash rates.
- Easy to use web interface for management and viewing crashes.
- Support for various authentication providers using Firebase.
As of May 2022, ClusterFuzz has found 25,000+ bugs in Google (e.g. Chrome) and 36,000+ bugs in over 550 open source projects integrated with OSS-Fuzz.