Testing Handbook Skills
Comprehensive security testing toolkit generated from the Trail of Bits Application Security Testing Handbook.
When to Use
- Setting up fuzzing campaigns for C/C++, Rust, Python, or Ruby
- Writing fuzzing harnesses for target functions
- Analyzing code coverage to guide testing
- Running sanitizers (AddressSanitizer, UBSan, MSan) to catch memory-safety and undefined-behaviour bugs
- Performing constant-time testing for cryptographic code
- Using Wycheproof test vectors for crypto validation
When NOT to Use
- Smart contract auditing (use security-building-secure-contracts)
- Writing custom Semgrep rules (use semgrep-rule-creator)
- General code review (use security-differential-review)
- Vulnerability hunting without a testing plan (use audit-context-building first)
Sub-Skills (17 total)
Fuzzers
| Fuzzer | Language | Best For | Skill Path |
|---|---|---|---|
| libFuzzer | C/C++ | LLVM-based coverage-guided fuzzing | skills/libfuzzer/SKILL.md |
| AFL++ | C/C++ | Advanced mutation-based fuzzing | skills/aflpp/SKILL.md |
| libAFL | C/C++ | LibAFL-based custom fuzzers | skills/libafl/SKILL.md |
| cargo-fuzz | Rust | Rust native fuzzing with libFuzzer backend | skills/cargo-fuzz/SKILL.md |
| Atheris | Python | Python coverage-guided fuzzing | skills/atheris/SKILL.md |
| Ruzzy | Ruby | Ruby coverage-guided fuzzing | skills/ruzzy/SKILL.md |
Techniques
| Technique | Purpose | Skill Path |
|---|---|---|
| Harness Writing | Writing effective fuzzing harnesses | skills/harness-writing/SKILL.md |
| Coverage Analysis | Measuring and improving code coverage | skills/coverage-analysis/SKILL.md |
| Fuzzing Dictionary | Creating effective fuzzing dictionaries | skills/fuzzing-dictionary/SKILL.md |
| Fuzzing Obstacles | Overcoming common fuzzing barriers | skills/fuzzing-obstacles/SKILL.md |
| AddressSanitizer | Memory error detection with ASan | skills/address-sanitizer/SKILL.md |
Static Analysis
| Tool | Purpose | Skill Path |
|---|---|---|
| Semgrep | Fast pattern-matching security scans | skills/semgrep/SKILL.md |
| CodeQL | Deep semantic code analysis | skills/codeql/SKILL.md |
Cryptographic Testing
| Tool | Purpose | Skill Path |
|---|---|---|
| Wycheproof | Test vectors for crypto implementations | skills/wycheproof/SKILL.md |
| Constant-Time Testing | Verify constant-time crypto properties | skills/constant-time-testing/SKILL.md |
Infrastructure
| Tool | Purpose | Skill Path |
|---|---|---|
| OSS-Fuzz | Google's continuous fuzzing service | skills/ossfuzz/SKILL.md |
Meta
| Tool | Purpose | Skill Path |
|---|---|---|
| Generator | Generate new skills from the Testing Handbook | skills/testing-handbook-generator/SKILL.md |
Workflow
Starting a fuzzing campaign
- Choose a fuzzer based on your target language (see Fuzzers table)
- Write a harness using the harness-writing skill
- Build with sanitizers (AddressSanitizer plus UBSan as the baseline; MSan needs its own separate build, since it cannot be combined with ASan)
- Create a seed corpus with representative, valid inputs
- Run the campaign and monitor coverage
- Analyze coverage to find uncovered code and improve the harness (or add a dictionary)
- Triage crashes, reproduce each one outside the fuzzer, and deduplicate findings by stack trace
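The workflow above, carried through end to end as an added example that is not part of the Testing Handbook or its skills: a constructed toy target (a `key=value` record parser named `kv_parse`, with made-up buffer limits) and the libFuzzer harness that drives it. The build commands in the header comment are the standard clang flags; the file name `kv_harness.c`, the corpus path and the `KV_STANDALONE` reproduction switch are choices made for this example.

```c
/* Added example, not from the Testing Handbook: a minimal libFuzzer harness
 * for a constructed "key=value" record parser (kv_parse, defined below).
 *
 * Build with the baseline sanitizers and run against a seed corpus:
 *   clang -g -O1 -fsanitize=fuzzer,address,undefined kv_harness.c -o kv_harness
 *   mkdir -p corpus && printf 'host=example.org\nport=443\n' > corpus/seed1
 *   ./kv_harness corpus/ -max_len=4096
 */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define KV_MAX_PAIRS 16   /* limits chosen for this example */
#define KV_MAX_KEY   32
#define KV_MAX_VAL   128

struct kv_pair {
    char key[KV_MAX_KEY];
    char val[KV_MAX_VAL];
};

struct kv_table {
    size_t count;
    struct kv_pair pairs[KV_MAX_PAIRS];
};

/* Copy [src, src+n) into a fixed buffer, truncating and NUL-terminating. */
static void copy_bounded(char *dst, size_t cap, const uint8_t *src, size_t n)
{
    if (n >= cap) n = cap - 1;
    memcpy(dst, src, n);
    dst[n] = '\0';
}

/* Target under test. Parses newline-separated "key=value" records.
 * Returns the number of pairs stored, or -1 on a malformed record
 * (no '=' or an empty key). Blank lines are tolerated; once the table
 * is full, remaining records are ignored rather than overflowing it. */
int kv_parse(const uint8_t *data, size_t len, struct kv_table *out)
{
    out->count = 0;
    size_t i = 0;
    while (i < len) {
        const uint8_t *line = data + i;
        size_t rem = len - i;
        const uint8_t *nl = memchr(line, '\n', rem);
        size_t line_len = nl ? (size_t)(nl - line) : rem;
        i += line_len + 1;                 /* step past the newline (or past the end) */
        if (line_len == 0) continue;
        const uint8_t *eq = memchr(line, '=', line_len);
        if (!eq || eq == line) return -1;
        if (out->count == KV_MAX_PAIRS) return (int)out->count;
        struct kv_pair *p = &out->pairs[out->count++];
        size_t key_len = (size_t)(eq - line);
        copy_bounded(p->key, sizeof p->key, line, key_len);
        copy_bounded(p->val, sizeof p->val, eq + 1, line_len - key_len - 1);
    }
    return (int)out->count;
}

/* libFuzzer entry point (AFL++ can drive the same function through
 * afl-clang-fast's libFuzzer compatibility mode). A harness must be
 * deterministic, must not call exit(), and must return 0. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
    /* Bound the input so the campaign does not waste time on huge buffers;
     * pair this with -max_len on the command line. */
    if (size > 4096) return 0;
    struct kv_table t;
    kv_parse(data, size, &t);
    return 0;
}

#ifdef KV_STANDALONE
/* Triage build without libFuzzer, for reproducing one saved crash input:
 *   clang -g -fsanitize=address,undefined -DKV_STANDALONE kv_harness.c -o kv_repro
 *   ./kv_repro crash-<id>
 */
#include <stdio.h>
int main(int argc, char **argv)
{
    static uint8_t buf[1 << 16];
    if (argc != 2) { fprintf(stderr, "usage: %s <input-file>\n", argv[0]); return 2; }
    FILE *f = fopen(argv[1], "rb");
    if (!f) { perror("fopen"); return 2; }
    size_t n = fread(buf, 1, sizeof buf, f);
    fclose(f);
    return LLVMFuzzerTestOneInput(buf, n);
}
#endif
```

Coverage for the harness is collected by rebuilding with `-fprofile-instr-generate -fcoverage-mapping` and replaying the corpus, as the coverage-analysis skill describes; if `kv_parse` never reaches the "table full" branch, that is the signal to add longer multi-record seeds or a dictionary entry for `=` and `\n`.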
Setting up CI/CD testing
- OSS-Fuzz for open-source projects (continuous fuzzing)
- Semgrep + CodeQL for static analysis in PRs
- Wycheproof test vectors for crypto validation
Quick Start by Language
| Language | Fuzzer | Harness | Sanitizer |
|---|---|---|---|
| C/C++ | libFuzzer or AFL++ | LLVMFuzzerTestOneInput | ASan + UBSan (MSan in a separate build) |
| Rust | cargo-fuzz | fuzz_target! macro | Built-in sanitizers (ASan by default) |
| Python | Atheris | atheris.FuzzedDataProvider | N/A for pure Python; ASan for native extensions via LD_PRELOAD |
| Ruby | Ruzzy | ruzzy harness pattern | N/A for pure Ruby; C extensions can be built with ASan |
Source Material
Generated from the Trail of Bits Application Security Testing Handbook using the testing-handbook-generator meta-skill.