fuzzing-dictionary

A fuzzing dictionary provides domain-specific tokens to guide the fuzzer toward interesting inputs. Instead of purely random mutations, the fuzzer incorporates known keywords, magic numbers, protocol commands, and format-specific strings that are more likely to reach deeper code paths in parsers, protocol handlers, and file format processors. Dictionaries are text files containing quoted strings that represent meaningful tokens for your target. They help fuzzers bypass early validation checks and explore code paths that would be difficult to reach through blind mutation alone. Apply this technique when: Skip this technique when: Create a text file with quoted strings on each line. Use comments ( # ) for documentation. Example dictionary format: Choose a generation method based on what's available: From LLM: Prompt ChatGPT or Claude with: From header files: From man pages (for CLI tools): From binary strings: Use the appropriate flag for your fuzzer (see Quick Reference above). Use Case: Fuzzing HTTP or custom protocol handlers Dictionary content: Use Case: Fuzzing image parsers, media decoders, archive handlers Dictionary content: Use Case: Fuzzing config file parsers (YAML, TOML, INI) Dictionary content: When using afl-clang-lto compiler, AFL++ automatically extracts dictionary entries from string comparisons in the binary.