Q: What is the best fuzzer (automated software testing tool) to find 0-days? Why?
0-day is a very broad statement.
I tend to use the payload fuzzers in BurpSuite and OWasp Zap Proxy, but these require me to identify the target that I’m testing, and the appropriate data scope and range to fuzz.
I suspect you might be more interested in application or file based fuzzers.
Google have introduced a service for fuzzing applications.
There are many lists of fuzzers to read through.
New tools are being created for this all the time and there is a constant flood of research on fuzzing:
Since the fuzzers all work at different levels and on different technologies you have to be very specific in your research to make sure you don’t overload yourself with tools (with is all too easy to do in Security Testing)