testing-handbook-skills
SKILL.md
Testing Handbook Skills
Comprehensive security testing toolkit generated from the Trail of Bits Application Security Testing Handbook.
When to Use
- Setting up fuzzing campaigns for C/C++, Rust, Python, or Ruby
- Writing fuzzing harnesses for target functions
- Analyzing code coverage to guide testing
- Running sanitizers (AddressSanitizer, UBSan, MSan) to catch memory bugs
- Performing constant-time testing for cryptographic code
- Using Wycheproof test vectors for crypto validation
When NOT to Use
- Smart contract auditing (use security-building-secure-contracts)
- Writing custom Semgrep rules (use semgrep-rule-creator)
- General code review (use security-differential-review)
- Vulnerability hunting without a testing plan (use audit-context-building first)
Sub-Skills (17 total)
Fuzzers
| Fuzzer | Language | Best For | Skill Path |
|---|---|---|---|
| libFuzzer | C/C++ | LLVM-based coverage-guided fuzzing | skills/libfuzzer/SKILL.md |
| AFL++ | C/C++ | Advanced mutation-based fuzzing | skills/aflpp/SKILL.md |
| libAFL | C/C++ | LibAFL-based custom fuzzers | skills/libafl/SKILL.md |
| cargo-fuzz | Rust | Rust native fuzzing with libFuzzer backend | skills/cargo-fuzz/SKILL.md |
| Atheris | Python | Python coverage-guided fuzzing | skills/atheris/SKILL.md |
| Ruzzy | Ruby | Ruby coverage-guided fuzzing | skills/ruzzy/SKILL.md |
Techniques
| Technique | Purpose | Skill Path |
|---|---|---|
| Harness Writing | Writing effective fuzzing harnesses | skills/harness-writing/SKILL.md |
| Coverage Analysis | Measuring and improving code coverage | skills/coverage-analysis/SKILL.md |
| Fuzzing Dictionary | Creating effective fuzzing dictionaries | skills/fuzzing-dictionary/SKILL.md |
| Fuzzing Obstacles | Overcoming common fuzzing barriers | skills/fuzzing-obstacles/SKILL.md |
| AddressSanitizer | Memory error detection with ASan | skills/address-sanitizer/SKILL.md |
Static Analysis
| Tool | Purpose | Skill Path |
|---|---|---|
| Semgrep | Fast pattern-matching security scans | skills/semgrep/SKILL.md |
| CodeQL | Deep semantic code analysis | skills/codeql/SKILL.md |
Cryptographic Testing
| Tool | Purpose | Skill Path |
|---|---|---|
| Wycheproof | Test vectors for crypto implementations | skills/wycheproof/SKILL.md |
| Constant-Time Testing | Verify constant-time crypto properties | skills/constant-time-testing/SKILL.md |
Infrastructure
| Tool | Purpose | Skill Path |
|---|---|---|
| OSS-Fuzz | Google's continuous fuzzing service | skills/ossfuzz/SKILL.md |
Meta
| Tool | Purpose | Skill Path |
|---|---|---|
| Generator | Generate new skills from the Testing Handbook | skills/testing-handbook-generator/SKILL.md |
Workflow
Starting a fuzzing campaign
- Choose a fuzzer based on your target language (see Fuzzers table)
- Write a harness using the harness-writing skill
- Build with sanitizers (AddressSanitizer recommended as baseline)
- Create a seed corpus with representative inputs
- Run the campaign and monitor coverage
- Analyze coverage to find uncovered code and improve the harness
- Triage crashes and deduplicate findings
Setting up CI/CD testing
- OSS-Fuzz for open-source projects (continuous fuzzing)
- Semgrep + CodeQL for static analysis in PRs
- Wycheproof test vectors for crypto validation
Quick Start by Language
| Language | Fuzzer | Harness | Sanitizer |
|---|---|---|---|
| C/C++ | libFuzzer or AFL++ | LLVMFuzzerTestOneInput | ASan + UBSan |
| Rust | cargo-fuzz | fuzz_target! macro | Built-in sanitizers |
| Python | Atheris | atheris.FuzzedDataProvider | N/A |
| Ruby | Ruzzy | ruzzy harness pattern | N/A |
Source Material
Generated from the Trail of Bits Application Security Testing Handbook using the testing-handbook-generator meta-skill.
Repository: elizaos/eliza (17.8K GitHub stars). First seen: Feb 18, 2026.