Skip to content

MozillaSecurity/octo

Repository files navigation

Logo

A unified shared library which aids in building fuzzers for browsers or as complement for an already existing fuzzing framework.

JavaScript Style Guide Build Status Current Release Coverage Status Dependencies Status Dev Dependencies Status IRC

Octo.js bundles core functions and generic boilerplate code commonly used in most frameworks for fuzzing browsers. It is designed for the sharing of improvements between our individual fuzzers, and with the purpose of reducing the maintainability of those core features with minimal effort.

Octo's future aims to be a stable, well-tested and well-documented standard library for fuzzing in a JavaScript environment.

Table of Contents

Playbook

https://npm.runkit.com/@mozillasecurity/octo

Usage in Node

yarn add @mozillasecurity/octo
const { random, make } = require("@mozillasecurity/octo");
random.init();

// Common Operations
make.number.any();
make.text.any();

// WebCrypto
make.crypto.randomAlgorithm();

// WebGL
make.webgl.randomSamplerParameter();

Take a look into the API documentation for further use cases.

Usage in the Browser

yarn install
yarn build

A bundled production build (octo.js) is placed into the local dist directory.

Development

yarn lint
yarn test
yarn build

Testing

Octo.js uses Jest for testing. Each directory should contain a __tests__ folder containing the tests.

yarn test

API Documentation

or

yarn docs

What do the developers say?