
tsundokul / pyradamsa

Licence: MIT License
Python bindings for calling radamsa mutators

pyradamsa

pyradamsa provides an interface for calling libradamsa methods from within Python, allowing one to perform mutations on byte blocks (aka fuzzing). For more details see radamsa (a general-purpose fuzzer) and libradamsa (precompiled radamsa library).

NOTE

The master branch uses AFL++'s libradamsa. An alternative version created by p1-olm is available on the radamsa-upstream branch and is based on the original upstream libradamsa.

How is the radamsa-upstream branch different from the master version?

  • The owl VM initialization uses different seeds, so the results differ when mutating the same bytes with the same seed
  • Future updates from the libradamsa creators will show up first in radamsa-upstream

Usage

Install the package using pip (or build it from source):

pip install pyradamsa

Do some fuzzing

import pyradamsa

rad = pyradamsa.Radamsa()

mydata = b'GET /auth?pass=HelloWorld HTTP1.1'
fuzzed = rad.fuzz(mydata, seed=1337)
print(fuzzed)

> b'GET /auth?pass=HelloWorld HTTP\xc0\xb1.1'

# seed is randomly set if not provided
rad.fuzz(mydata)
> b'\tG\xf3\xa0\x81\x9c\xf7dLET \xe2\x81/aut\xf3\xa0\x80\xafHTTP2.rld HTTP2.rld HTTP3.2\xe1\xa0\x8e9'
rad.fuzz(mydata)
> b'GET /auth?pass=HelloWorld HTTP1.340282366920938463463374607431768211455'
etc.

# enforce static seed on initialization
rad = pyradamsa.Radamsa(seed=0)

# max_mut enforces a maximum length for returned data
# it defaults to (data length + an offset of 4096 bytes)
fuzzed = rad.fuzz(mydata, seed=1337, max_mut=10)
> b'GET /auth?'

# the offset may be overwritten on init
rad = pyradamsa.Radamsa(mut_offset=2048)
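The snippets above show single calls; in practice a mutator like this sits inside a loop that feeds mutated inputs to a target and records anything unexpected. The harness below is an added example, not code from the pyradamsa project. It assumes only the call shape shown above, mutator.fuzz(data, seed=..., max_mut=...) returning bytes, and uses pyradamsa.Radamsa when the wheel is installed. The target parser (with one deliberate, labelled bug), the fallback mutator and the corpus are constructed for illustration; the fallback is not radamsa's algorithm, just a seed-deterministic stand-in so the harness runs offline. The point it demonstrates is why the seed matters: every finding is stored with the seed that produced it, so it can be regenerated exactly instead of saving opaque crash files.

```python
"""Fuzz harness around a radamsa-style mutator (added example, not project code)."""
import random

try:
    import pyradamsa  # real mutator when the pyradamsa wheel is installed
except ImportError:
    pyradamsa = None


class FallbackMutator:
    """Stand-in with the same call shape as pyradamsa.Radamsa, used only when
    pyradamsa is not importable. Constructed here; NOT radamsa's algorithm, just
    seed-deterministic bit flips, byte drops and slice duplications."""

    def fuzz(self, data, seed=None, max_mut=None):
        rng = random.Random(seed)          # seed=None -> OS entropy, like radamsa
        buf = bytearray(data)
        for _ in range(rng.randint(1, 4)):
            if not buf:
                break
            pos = rng.randrange(len(buf))
            op = rng.choice(("flip", "drop", "dup"))
            if op == "flip":
                buf[pos] ^= 1 << rng.randrange(8)
            elif op == "drop":
                del buf[pos]
            else:
                buf[pos:pos] = buf[pos:pos + rng.randint(1, 8)]
        if max_mut is not None:            # mirror max_mut: cap the output length
            buf = buf[:max_mut]
        return bytes(buf)


def make_mutator():
    return pyradamsa.Radamsa() if pyradamsa else FallbackMutator()


def _mutate(mutator, data, seed, max_mut):
    kwargs = {"seed": seed}
    if max_mut is not None:                # only pass max_mut when the caller set it
        kwargs["max_mut"] = max_mut
    return mutator.fuzz(data, **kwargs)


def parse_request_line(data):
    """Toy HTTP request-line parser used as the fuzz target (constructed).
    Malformed input is rejected with ValueError; the deliberate bug is that it
    assumes the request target always contains a '/'."""
    line = data.split(b"\r\n", 1)[0]
    method, target, version = line.split(b" ", 2)   # ValueError if fewer than 3 parts
    if not version.startswith(b"HTTP"):
        raise ValueError("unknown protocol")
    major, minor = version[4:].split(b".", 1)      # ValueError if no '.'
    first_segment = target.split(b"/")[1]           # IndexError when no '/' (the bug)
    return {"method": method, "segment": first_segment,
            "major": int(major), "minor": int(minor)}  # ValueError on non-digits


EXPECTED = (ValueError,)   # the rejections the parser is documented to raise


def classify(target, data):
    """Return 'ok', 'rejected' (documented exception) or the name of an unexpected one."""
    try:
        target(data)
    except EXPECTED:
        return "rejected"
    except Exception as exc:
        return type(exc).__name__
    return "ok"


def fuzz_campaign(target, mutator, corpus, iterations, start_seed=0, max_mut=None):
    """Mutate corpus entries with consecutive seeds; record each unexpected exception
    as (seed, corpus_index, mutated_input, exception_name)."""
    findings = []
    for i in range(iterations):
        seed = start_seed + i
        idx = i % len(corpus)
        mutated = _mutate(mutator, corpus[idx], seed, max_mut)
        verdict = classify(target, mutated)
        if verdict not in ("ok", "rejected"):
            findings.append((seed, idx, mutated, verdict))
    return findings


def reproduce(mutator, corpus, finding, max_mut=None):
    """Regenerate a finding's input from its seed; True if it matches what was recorded."""
    seed, idx, mutated, _ = finding
    return _mutate(mutator, corpus[idx], seed, max_mut) == mutated


CORPUS = [b"GET /auth?pass=HelloWorld HTTP1.1", b"POST /login HTTP1.0"]  # constructed

if __name__ == "__main__":
    mut = make_mutator()
    found = fuzz_campaign(parse_request_line, mut, CORPUS, iterations=500, max_mut=64)
    for f in found[:5]:
        print(f"seed={f[0]} corpus={f[1]} {f[3]}: {f[2]!r}")
    print(f"{len(found)} findings, all reproducible:",
          all(reproduce(mut, CORPUS, f, max_mut=64) for f in found))
```

Only exceptions outside the parser's documented set count as findings, so the loop does not drown in the ValueErrors a parser is supposed to raise on garbage. Because the seed is stored with each finding, a saved list of seeds plus the corpus is enough to regenerate every input later, which also works across the two branches described above as long as the same branch is used for reproduction (they seed the owl VM differently and give different output for the same seed).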

Building

Currently, wheels are available for Linux i686 and x86_64.

# Clone the repo
git clone --recurse-submodules https://github.com/tsundokul/pyradamsa.git
cd pyradamsa

# patch memory leak when reinitializing owl vm
patch libradamsa/libradamsa.c realloc.patch

# OPTIONAL: when using manylinux (https://github.com/pypa/manylinux)
docker run --rm -it -v `pwd`:/io quay.io/pypa/manylinux2010_x86_64 /bin/bash
cd /io && alias python='/opt/python/cp35-cp35m/bin/python3.5'
export PATH="/opt/python/cp35-cp35m/bin/:${PATH}"

# Install requirements
python -m pip install -r requirements.txt

# Build C extension (libradamsa.so)
python setup.py build_ext

# Run tests
./run_tests

# Build wheel
python setup.py bdist_wheel

Contributing

  • Fork the repo
  • Check out a feature or bug branch
  • Add your changes
  • Update README when needed
  • Submit a pull request to upstream repo
  • Add description of your changes
  • Ensure tests are passing
  • Ensure branch is mergeable

MIT License, 2020 @tim17d
