This is a runtime environment to use when fuzzing. This runtime is specialized in detecting security boundaries violations in applications.
A fuzzer is an automatic testing tool commonly used for software. The goal is to test your software by executing it with a large set of pseudo-randomly generated inputs.
Most fuzzers are dedicated to find memory bugs in C libraries. In our case we focus on security issues in applications. Specifically we check that applications can't break their assumed security boundaries.
In general the runtime is useful to check the security boundaries of an application:
For example:
Technical documentation, research and thoughts process that happened during the development of this project are documented in the mdbook in docs.
Requires mdbook and mdbook-toc
$ cargo install mdbook
$ cargo install mdbook-toc
crates/tauri-fuzz-cli a cli to initialize fuzzing in a projectcrates/tauri-fuzz the runtime used while fuzzingcrates/tauri-fuzz-policies the security policies and the policy engine that will be used while fuzzingdocs/ technical information and thoughts process behind the projectexamples/ examples to run the fuzzer ontests/ tests| Platform | Can theoretically work | Tested on |
|---|---|---|
| Linux | ✅ | ✅ |
| Windows | ✅ | ✅ |
| MacOS | ✅ | ❌ |
| Android | ❓ | ❌ |
| iOS | ❓ | ❌ |
$ claude mcp add tauri-fuzz \
-- python -m otcore.mcp_server <graph>