Microsoft Launches New Project OneFuzz Framework

Project OneFuzz is an open-source developer tool to find and fix bugs at scale.

Recently, Microsft released a new tool called Project OneFuzz, an extensible fuzz testing framework for Azure. OneFuzz is available through GitHub as an open-source tool.
 
Fuzz testing is an effective method for increasing the security and reliability of native code. Microsoft said that it aims to enable developers to easily and continuously fuzz test their code prior to release. This global release of Project OneFuzz is aimed at helping harden the platforms and tools that power our daily work and personal lives to make an attacker’s job more difficult.
 
 
Source: Microsoft
 
According to Microsoft, Project OneFuzz has already enabled continuous developer-driven fuzzing of Windows. This has allowed the company to proactively harden the Windows platform prior to shipment of the latest OS builds. Developers can launch fuzz jobs, with a single command line, ranging in size from a few VM to thousands of cores.
 
Project OneFuzz enables Composable fuzzing workflows, Built-in ensemble fuzzing, Programmatic triage and result deduplication, On-demand live-debugging of found crashes, Observable and Debug-able, Fuzz on Windows and Linux OSes, and Crash reporting notification callbacks.