VYPR
Research · Published May 12, 2026 · Updated May 20, 2026 · 1 source

Trail of Bits Releases Gosentry: A Fuzzing-Focused Fork of the Go Toolchain

Trail of Bits has released gosentry, a fuzzing-oriented fork of the Go toolchain that replaces the native fuzzing engine with LibAFL, adding support for grammar-based fuzzing, struct-aware fuzzing, and detection of bug classes like integer overflows and goroutine leaks.

Trail of Bits has released gosentry, a fuzzing-oriented fork of the Go toolchain that replaces the native fuzzing engine with LibAFL. The tool adds support for grammar-based fuzzing via Nautilus, native struct fuzzing, and detection of bug classes like integer overflows, goroutine leaks, data races, and execution timeouts that Go's vanilla fuzzer misses. Existing `testing.F` harnesses work without modification; users only need to point gosentry's binary at them.

Go's native fuzzing is useful but lags far behind the state-of-the-art tooling available in the Rust, C, and C++ ecosystems. Path constraints are hard to solve, structured inputs usually require handmade parsing, and the native fuzzer does not detect several common bug classes. Gosentry addresses these gaps by keeping the standard `testing.F` workflow while using a stronger fuzzing stack underneath.

With gosentry, `go test -fuzz` uses LibAFL by default. It can fuzz structs natively, run grammar-based fuzzing with Nautilus, detect bug classes that were previously undetectable, and create a fuzzing campaign coverage report in one command. If you already have Go fuzz harnesses, you do not need to rewrite them; simply point them at gosentry's binary and you get all of the above through the same `go test -fuzz` interface, with a few new flags.

Gosentry also improves input quality in two ways. Struct-aware fuzzing allows fuzzing of composite types like structs, slices, arrays, and pointers, which Go's native fuzzing does not support. Grammar-based fuzzing uses Nautilus to generate and mutate grammar-valid inputs while LibAFL drives the coverage-guided loop, enabling more effective fuzzing of structured formats like JSON.

Gosentry also turns more bad behaviors into failures that the vanilla Go fuzzer would not report. It includes compiler-inserted integer overflow checks by default and optional truncation checks through the go-panikint integration. It also lets you choose function calls that should stop the fuzzer, such as using `--panic-on` to stop fuzzing when `log.Fatal` is called. Additionally, it can catch data races using the native Go race detector (`--catch-races`), goroutine leaks through its goleak integration (`--catch-leaks`), and timeouts at fuzz time.
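To make the integer-overflow gap concrete, here is an added example (not code from gosentry or Trail of Bits) of a size check defeated by silent wraparound, next to a widened version, with a plain `testing.F` harness that stock Go runs without ever reporting the wrap. The function names, the 1 MiB limit and the sample values are constructed for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"testing"
)

const maxPayload = 1 << 20 // constructed limit: 1 MiB
var errBadSize = errors.New("bad payload size")

// payloadSizeNaive multiplies in int32. Go wraps silently on overflow,
// so a huge request can produce a small total that passes the limit check.
func payloadSizeNaive(count, size int32) (int32, error) {
	total := count * size // wraps modulo 2^32 on overflow
	if count < 0 || size < 0 || total > maxPayload {
		return 0, errBadSize
	}
	return total, nil
}

// payloadSizeChecked widens to int64 before multiplying, then applies the limit.
func payloadSizeChecked(count, size int32) (int32, error) {
	total := int64(count) * int64(size) // product always fits in int64
	if count < 0 || size < 0 || total > maxPayload {
		return 0, errBadSize
	}
	return int32(total), nil
}

// FuzzPayloadSize is an ordinary testing.F harness (it would normally live
// in a _test.go file). It has no oracle of its own: under stock Go the
// wrapped multiply returns normally, so the fuzzer has nothing to report.
func FuzzPayloadSize(f *testing.F) {
	f.Add(int32(16), int32(64))
	f.Fuzz(func(t *testing.T, count, size int32) {
		payloadSizeNaive(count, size)
	})
}

func main() {
	// Constructed input: 65536 * 65537 = 2^32 + 65536, which wraps to 65536.
	n, err := payloadSizeNaive(65536, 65537)
	fmt.Println("naive:", n, err)
	_, err = payloadSizeChecked(65536, 65537)
	fmt.Println("checked:", err)
}
```

A harness like this only becomes useful against the naive function when the toolchain itself treats the overflowing multiply as a failure, which is the role the article assigns to gosentry's compiler-inserted overflow checks.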

Trail of Bits started this project after releasing go-panikint to improve Go fuzzing's integer overflow detection, realizing that integer overflow detection alone was not enough. The Go fuzzing ecosystem was still missing techniques that Rust, C, and C++ researchers already use every day. Gosentry aims to bridge that gap by providing a more powerful fuzzing tool that remains familiar to Go developers.

The release of gosentry represents a significant step forward for Go security testing, offering developers and security researchers a way to leverage advanced fuzzing techniques without abandoning the standard Go testing framework. The tool is available as a fork of the Go toolchain, and more details can be found on the Trail of Bits blog.

Synthesized by Vypr AI