Security News > 2022 > September > CI Fuzz CLI: Open-source tool simplifies fuzz testing for C++
Code Intelligence has open-sourced a new security tool, CI Fuzz CLI, which lets developers run coverage-guided fuzz tests directly from the command line to find and fix vulnerabilities at scale.
Code Intelligence's new open-source tool aims to tackle these challenges by making fuzz testing usable for all developers.
CI Fuzz CLI allows developers to run a fuzz test with only 3 commands.
"We wanted to reduce the complexity of using fuzz testing," said Werner Krahe, Product Director of Code Intelligence: "Fuzzing should become as easy as unit testing. That's why we wanted to build a tool that all developers could use right away, without having to spend too much time with the documentation and without having to be a proven expert in software security testing."
CI Fuzz CLI can be integrated into common build systems, integrated development environments, and continuous integration/continuous delivery tools.
"Usability was key in the development of the CI Fuzz CLI. It was important to us, that developers become able to run fuzz tests in their own development environment. That's why we've made it possible to integrate the CI Fuzz CLI into common IDEs, such as Visual Studio Code and CLion. We also emphasized self-explanatory outputs and error messages. The tool provides you with full track traces for your findings and all the necessary information, to reproduce and fix the issues," Krahe told Help Net Security.
News URL
https://www.helpnetsecurity.com/2022/09/26/ci-fuzz-cli-open-source-fuzz-testing/