{"id":21760720,"url":"https://github.com/devdanzin/fusil","last_synced_at":"2025-04-13T12:50:50.731Z","repository":{"id":263869681,"uuid":"885327302","full_name":"devdanzin/fusil","owner":"devdanzin","description":"Fusil is a multi-agent Python library used to write fuzzing programs","archived":false,"fork":false,"pushed_at":"2025-04-11T02:02:48.000Z","size":365,"stargazers_count":13,"open_issues_count":32,"forks_count":1,"subscribers_count":4,"default_branch":"main","last_synced_at":"2025-04-11T03:19:15.036Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/devdanzin.png","metadata":{"files":{"readme":"README.rst","changelog":"ChangeLog","contributing":null,"funding":null,"license":"COPYING","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":"AUTHORS","dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2024-11-08T11:24:50.000Z","updated_at":"2025-04-11T02:02:51.000Z","dependencies_parsed_at":"2025-04-03T18:41:01.800Z","dependency_job_id":null,"html_url":"https://github.com/devdanzin/fusil","commit_stats":null,"previous_names":["devdanzin/fusil"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devdanzin%2Ffusil","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devdanzin%2Ffusil/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devdanzin%2Ffusil/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devdanzin%2Ffusil/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/devdanzin","download_url":"https://codeload.github.com/devdanzin/fusil/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248717252,"owners_count":21150388,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-26T11:45:12.029Z","updated_at":"2025-04-13T12:50:50.706Z","avatar_url":"https://github.com/devdanzin.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"Fusil is back, sorta\n====================\n\nThis is a republishing of Victor Stinner's fusil project. It's probable\nthat much of the code doesn't work, as only the Python fuzzing code is\nbeing tested and worked on. While some development is planned for\nfuzzing Python, many other aspects of the library and other fuzzers\nare currently out of scope for this repository.\n\n\nHowever, code contributions to any parts of fusil will be accepted. Just\ndon't expect that new features will be worked on absent corresponding\ncode.\n\nMany links in the docs don't work, but some can be retrieved using the\nWayBack Machine. We'll probably update them sometime.\n\n------------------------------------------------------------\n\nFusil is a Python library used to write fuzzing programs. It helps to start\nprocess with a prepared environment (limit memory, environment variables,\nredirect stdout, etc.), start network client or server, and create mangled\nfiles. Fusil has many probes to detect program crash: watch process exit code,\nwatch process stdout and syslog for text patterns (eg. \"segmentation fault\"),\nwatch session duration, watch cpu usage (process and system load), etc.\n\nFusil is based on a multi-agent system architecture. It computes a session\nscore used to guess fuzzing parameters like number of injected errors to input\nfiles.\n\nAvailable fuzzing projects: ClamAV, Firefox (contains an HTTP server),\ngettext, gstreamer, identify, libc_env, libc_printf, libexif, linux_syscall,\nmplayer, php, poppler, vim, xterm.\n\nWebsite: http://bitbucket.org/haypo/fusil/wiki/Home\n\n\nUsage\n=====\n\nFusil is a library and a set of fuzzers called \"fusil-...\". To run a fuzzer,\ncall it by its name. Example: ::\n\n    $ fusil-gettext\n    Fusil version 0.9.1 -- GNU GPL v2\n    http://bitbucket.org/haypo/fusil/wiki/Home\n    (...)\n    [0][session 13] Start session\n    [0][session 13] ------------------------------------------------------------\n    [0][session 13] PID: 16989\n    [0][session 13] Signal: SIGSEGV\n    [0][session 13] Invalid read from 0x0c1086e0\n    [0][session 13] - instruction: CMP EDX, [EAX]\n    [0][session 13] - mapping: 0x0c1086e0 is not mapped in memory\n    [0][session 13] - register eax=0x0c1086e0\n    [0][session 13] - register edx=0x00000019\n    [0][session 13] ------------------------------------------------------------\n    [0][session 13] End of session: score=100.0%, duration=3.806 second\n    (...)\n    Success 1/1!\n    Project done: 13 sessions in 5.4 seconds (414.5 ms per session), total 5.9 seconds, aggresssivity: 19.0%\n    Total: 1 success\n    Keep non-empty directory: /home/haypo/prog/SVN/fusil/trunk/run-3\n\n\nFeatures\n========\n\nWhy using Fusil instead your own hand made C script?\n\n * Fusil limits child process environment: limit memory, use timeout, make\n   sure that process is killed on session end\n * Fusil waits until system load is load before starting a fuzzing session\n * Fusil creates a session directory used as the process current working\n   directory and Fusil only creates files in this directory (and not in /tmp)\n * Fusil stores all actions in fusil.log but also session.log for all\n   actions related of a session\n * Fusil has multiple available probes to compute session score: guess if\n   a sessions is a succes or not\n * Fusil redirects process output to a file and searchs bug text patterns\n   in the stdout/stderr (Fusil contains many text patterns to detect crashes\n   and problems)\n\n\nInstallation\n============\n\nRead INSTALL documentation file.\n\n\nDocumentation\n=============\n\nRead doc/index.rst: documentation index.\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdevdanzin%2Ffusil","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdevdanzin%2Ffusil","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdevdanzin%2Ffusil/lists"}