NEZHA is an efficient and domain-independent differential fuzzer developed at Columbia University. NEZHA exploits the behavioral asymmetries between multiple test programs to focus on inputs that are more likely to trigger logic bugs.
NEZHA features several runtime diversity-promoting metrics used to generate inputs for multi-app differential testing. These metrics are described in detail in the 2017 IEEE Symposium on Security and Privacy (Oakland) paper, NEZHA: Efficient Domain-Independent Differential Testing.
These examples are tested on Ubuntu 16.04.
Install all dependencies and build NEZHA and the respective examples by invoking:
./utils/build_helpers/setup.sh
This should create the appropriate files under examples/.
Please refer to the domain-specific examples:
Examples of some of the bugs we found with NEZHA are listed here.
Please refer to the Wiki for more information on NEZHA's internals.
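As an added illustration of the idea in the opening paragraphs (not NEZHA's code and not part of the original README), the sketch below runs two checkers on the same inputs and keeps an input only when the tuple of their outputs has not been seen before, a simplified form of output-based diversity guidance. The record format (one length byte followed by a payload), both checkers, the mutation set and the return codes are constructed for this example.

```python
"""Toy differential tester guided by output-tuple novelty (constructed example)."""

def check_strict(data: bytes) -> int:
    """Constructed checker A: the length byte must equal the payload length."""
    if not data:
        return 2                                  # empty input
    return 0 if data[0] == len(data) - 1 else 1   # 0 = accept, 1 = reject

def check_lenient(data: bytes) -> int:
    """Constructed checker B: accepts any payload at least as long as declared."""
    if not data:
        return 2
    return 0 if data[0] <= len(data) - 1 else 1

def mutations(data: bytes):
    """Deterministic single-step mutations, so every run is reproducible."""
    yield data + b"A"                             # grow the payload
    yield data[:-1]                               # truncate
    if data:
        yield bytes([(data[0] + 1) % 256]) + data[1:]   # bump the length byte

def fuzz(seed: bytes, programs, rounds: int = 4):
    """Keep a mutant only if its tuple of outputs across all programs is new."""
    corpus = [seed]
    seen = {tuple(p(seed) for p in programs)}
    discrepancies = []
    for _ in range(rounds):
        for parent in list(corpus):
            for child in mutations(parent):
                outputs = tuple(p(child) for p in programs)
                if outputs in seen:
                    continue                      # no new behavior: discard
                seen.add(outputs)
                corpus.append(child)
                if len(set(outputs)) > 1:         # the programs disagree
                    discrepancies.append((child, outputs))
    return corpus, discrepancies

if __name__ == "__main__":
    corpus, found = fuzz(b"\x02AB", [check_strict, check_lenient])
    print("corpus:", corpus)
    for data, outputs in found:
        print("disagreement on", data, "->", outputs)
```

The corpus stays small because mutants that repeat an already-seen output tuple are dropped, while the one input on which the checkers disagree is retained and reported.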