fuzzing-dictionary

# Fuzzing Dictionary A fuzzing dictionary provides domain-specific tokens to guide the fuzzer toward interesting inputs. Instead of purely random mutations, the fuzzer incorporates known keywords, magic numbers, protocol commands, and format-specific strings that are more likely to reach deeper code paths in parsers, protocol handlers, and file format processors. ## Overview Dictionaries are text files containing quoted strings that represent meaningful tokens for your target. They help fuzzers bypass early validation checks and explore code paths that would be difficult to reach through blind mutation alone. ### Key Concepts | Concept | Description | |---------|-------------| | **Dictionary Entry** | A quoted string (e.g., `"keyword"`) or key-value pair (e.g., `kw="value"`) | | **Hex Escapes** | Byte sequences like `"\xF7\xF8"` for non-printable characters | | **Token Injection** | Fuzzer inserts dictionary entries into generated inputs | | **Cross-Fuzzer Format** | Dictionary files work with libFuzzer, AFL++, and cargo-fuzz | ## When to Apply **Apply this technique when:** - Fuzzing parsers (JSON, XML, config files) - Fuzzing protocol implementations (HTTP, DNS, custom protocols) - Fuzzing file format handlers (PNG, PDF, media codecs) - Coverage plateaus early without reaching deeper logic - Target code checks for specific keywords or magic values **Skip this technique when:** - Fuzzing pure algorithms without format expectations - Target has no keyword-based parsin...