|Other names||Project OneFuzz|
|Initial release||September 18, 2020|
5.10.0 / August 12, 2022
|Written in||Rust, Python|
|Operating system||Windows, Linux|
OneFuzz is a cross-platform free and open source fuzz testing framework by Microsoft. The software enables continuous developer-driven fuzz testing to identify weaknesses in computer software prior to release.
OneFuzz is a self-hosted fuzzing-as-a-service platform that automates the detection of software bugs that could be security issues. It supports Windows and Linux.
Notable features include composable fuzzing workflows, built-in ensemble fuzzing, programmatic triage and result de-duplication, crash reporting notification callbacks, and on-demand live-debugging of found crashes. The command-line interface client is written in Python 3, and targets Python 3.7 and up.
Microsoft uses the OneFuzz testing framework to probe Edge, Windows and other products at the company. It replaced the previous Microsoft Security Risk Detection software testing mechanism.
The source code was released on September 18, 2020. It is licensed under MIT License and hosted on GitHub.